Tag Archives: WinRAR

September “In the Trend of VM” (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server

1 Reply

September In the Trend of VM (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server

September “In the Trend of VM” (#19): vulnerabilities in the WinRAR and 7-Zip archivers, SAP NetWeaver, and TrueConf Server. A traditional monthly roundup – for the first time with NO Microsoft vulnerabilities! 😲🙂

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

A total of eight trending vulnerability IDs in four products:

🔻 Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088). An exploitable RCE during archive extraction.
🔻 Remote Code Execution – SAP NetWeaver (CVE-2025-31324, CVE-2025-42999). An exploitable RCE in a component of a popular ERP system.
🔻 Remote Code Execution – 7-Zip (CVE-2025-55188). Mostly a Linux RCE during archive extraction – a public exploit is available.
🔻 Remote Code Execution – TrueConf Server (BDU:2025-10116, BDU:2025-10115, BDU:2025-10114). Critical flaws in Russian videoconferencing system.

На русском

About Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities

1 Reply

About Remote Code Execution - WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities

About Remote Code Execution – WinRAR (CVE-2025-6218, CVE-2025-8088) vulnerabilities. A crafted file path inside an archive may cause the extraction process to move into unintended directories (including the Startup directories 😈), which can result in archive extraction leading to the execution of malicious code in the context of the current user.

🩹 Vulnerability CVE-2025-6218 was reported to the vendor on June 5. It was fixed on June 25 in version 7.12. A month later, on July 30, version 7.13 was released, which addressed CVE-2025-8088 with the same description.

🛠 A public exploit for CVE-2025-6218 has been available on GitHub since June 27.

👾 On August 8, BiZone reported phishing attacks against Russian organizations exploiting CVE-2025-6218 and CVE-2025-8088 since early July, linked to the group Paper Werewolf (GOFFEE). ESET also observed attacks exploiting these vulnerabilities to deploy RomCom backdoors.

На русском

Vulnerabilities of Western logistics

Leave a reply

Vulnerabilities of Western logistics

Vulnerabilities of Western logistics. On May 21, Western intelligence agencies released joint advisory AA25-141A about attacks targeting infrastructure of Western logistics and tech companies. Alongside the usual Five Eyes, intelligence services from Germany, Czech Republic, Poland, Denmark, Estonia, France, and the Netherlands also contributed.

The document mentions the exploitation of vulnerabilities:

🔻 Remote Code Execution – WinRAR (CVE-2023-38831)
🔻 Elevation of Privilege – Microsoft Outlook (CVE-2023-23397)
🔻 Remote Code Execution – Roundcube (CVE-2020-12641)
🔻 Code Injection – Roundcube (CVE-2021-44026)
🔻 Cross Site Scripting – Roundcube (CVE-2020-35730)

Patches, exploits, and signs of in-the-wild exploitation have been available for years for these vulnerabilities. 🤦‍♂️🤷‍♂️

🗒 Vulristics Report

На русском

August 2023: GitHub PoCs, Vulristics, Qualys First-Party, Tenable ExposureAI, SC Awards and Rapid7, Anglo-Saxon list, MS Patch Tuesday, WinRAR, Juniper

2 Replies

August 2023: GitHub PoCs, Vulristics, Qualys First-Party, Tenable ExposureAI, SC Awards and Rapid7, Anglo-Saxon list, MS Patch Tuesday, WinRAR, Juniper. Hello everyone! This month I decided NOT to make an episode completely dedicated to Microsoft Patch Tuesday. Instead, this episode will be an answer to the question of how my Vulnerability Management month went. A retrospection of some kind.

Alternative video link (for Russia): https://vk.com/video-149273431_456239134

Continue reading