POC详情: 962bab64e0a64028bb9efc3e88365a56330d710a

来源
https://github.com/travisbgreen/cve-2025-8088
关联漏洞
标题: WinRAR 安全漏洞 (CVE-2025-8088)
描述:WinRAR是WinRAR公司的一款文件压缩器。该产品支持RAR、ZIP等格式文件的压缩和解压等。 WinRAR存在安全漏洞,该漏洞源于路径遍历问题,可能导致任意代码执行。
描述
cve-2025-8088_detection
介绍
# CVE-2025-8088: WinRAR Path Traversal Detection

## Overview
This repository documents research and detection strategies for CVE-2025-8088, a path traversal vulnerability in WinRAR. Exploitation of this vulnerability can allow attackers to extract files outside the intended directory, leading to potential system compromise.

Travis via Corelight has developed and released network-based detection signatures and analytics to identify exploitation attempts of CVE-2025-8088.

## References
- [ESET Research](https://www.welivesecurity.com/en/eset-research/update-winrar-tools-now-romcom-and-others-exploiting-zero-day-vulnerability/)
- [CVE-2025-8088 Details](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8088)
- [Sample @ any.run](https://app.any.run/tasks/d8654a4c-260b-4b54-bfef-410be70367ab?p=687a474f15e4c5fc7c408ba1)

## Contact

For more information or access to detection content, contact Corelight support or visit [corelight.com](https://corelight.com).
文件快照

 [4.0K]  /data/pocs/962bab64e0a64028bb9efc3e88365a56330d710a
├── [ 627]  CVE_2025_8088_rar_ADS_traversal.yar
├── [1.4K]  cve-2025-8088.rules
├── [ 36M]  merged.pcap
└── [ 976]  README.md

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。