What is CVE-2014-125119?

CVE-2014-125119 is a vulnerability in Rarlab Winrar, classified under Improper Input Validation. Published 2025-07-25.

Is CVE-2014-125119 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Arbitrary file upload in Rarlab Winrar

CVE-2014-125119

A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives. The issue arises due to inconsistencies between the Central Directory and Local File Header entries in ZIP files. When viewed in WinRAR, the fi…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.363 (97.2th percentile) — read the EPSS interpretation.

Affected products

Rarlab Winrar — versions 3.80, 4.11

Weakness classification (CWE)

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.rarlab.com/vuln_zip_spoofing_4.20.html (vendor-advisory)
an7isec.blogspot.com/2014/03/winrar-file-extension-spoofing-0day.html (technical-description, exploit)
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/w… (exploit)
web.archive.org/web/20141111142204/https://www.intelcrawler.com/report_2603.pdf (technical-description)
web.archive.org/web/20140625054244/http://intelcrawler.com/news-15 (technical-description, media-coverage)
www.vulncheck.com/advisories/winrar-filename-spoofing-rce (third-party-advisory)

Frequently asked questions

What is CVE-2014-125119?: CVE-2014-125119 is a vulnerability in Rarlab Winrar, classified under Improper Input Validation. Published 2025-07-25.
Is CVE-2014-125119 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.