CVE-2018-20250
WinRAR Absolute Path Traversal Vulnerability
CVSS
—
No CVSS
EPSS
96.3%
p100
KEV
YES
Feb 15, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
96.3%EPSS · 30 days96.3%
2026-06-302026-07-16
Product
RARLAB / WinRAR
Vulnerability
WinRAR Absolute Path Traversal Vulnerability
Added to KEV
Feb 15, 2022
Remediate by
Aug 15, 2022
Known ransomware use
Yes
Summary description
WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2018-20250