Share
## https://sploitus.com/exploit?id=ECFA39C2-1EC1-59A8-9C07-331C009FE2BC
# CVE-2025-11001 - 7-Zip  **High-severity symlink traversal in 7-Zip** allowing arbitrary file write / RCE  
> **Patched in 7-Zip 25.00 (July 2025)** โ€“ Public exploit available  
> **FOR AUTHORIZED SECURITY TESTING AND RESEARCH ONLY**

![7-Zip](https://img.shields.io/badge/7--Zip-%3C%2025.00-red) ![CVE](https://img.shields.io/badge/CVE-2025--11001-orange) ![CVSS](https://img.shields.io/badge/CVSS-7.0%20(High)-critical)

## Vulnerability Summary

- **CVE**: [CVE-2025-11001](https://nvd.nist.gov/vuln/detail/CVE-2025-11001)
- **CVSS v3.1**: **7.0 (High)** โ€“ `AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H`
- **Affected**: All 7-Zip versions **< 25.00** (Windows)
- **Fixed in**: 7-Zip **25.00** and later
- **Discovery**: Ryota Shiga (Flatt Security) via ZDI (ZDI-25-949)
- **Exploit Type**: ZIP symlink directory traversal โ†’ arbitrary file placement
- **Impact**: Remote Code Execution when victim extracts malicious archive **as Administrator**

## PoC Author

**Mohammed Idrees Banyamer**  
Jordan | Security Researcher  
Instagram: [@banyamer_security](https://instagram.com/banyamer_security)  
GitHub: https://github.com/mbanyamer

## Usage 

```bash
python3 cve-2025-11001_poc.py \
  -t "C:\Windows\System32" \
  -p payload/malicious.exe \
  -o CVE-2025-11001-exploit.zip