CVE-2018-1002201

MEDIUM

zt-zip <1.13 - Path Traversal

Title source: llm

Description

zt-zip before 1.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.

Exploits (3)

nomisec WRITEUP

by dawetmaster · poc

https://github.com/dawetmaster/CVE-2018-1002201-zt-zip-vulnerable

View Code ZIP pw:eip

nomisec WRITEUP

by andikahilmy · poc

https://github.com/andikahilmy/CVE-2018-1002201-zt-zip-vulnerable

View Code ZIP pw:eip

nomisec WRITEUP

by shoucheng3 · poc

https://github.com/shoucheng3/zeroturnaround__zt-zip_CVE-2018-1002201_1-12

View Code ZIP pw:eip

References (5)

[Exploit, Third Party Advisory] https://github.com/snyk/zip-slip-vulnerability

[Issue Tracking, Third Party Advisory] https://github.com/zeroturnaround/zt-zip/blob/zt-zip-1.13/Changelog.txt

[Issue Tracking, Patch, Third Party Advisory] https://github.com/zeroturnaround/zt-zip/commit/759b72f33bc8f4d69f84f09fcb7f010ad45d6fff

[Exploit, Issue Tracking, Patch, Third Party Advisory] https://snyk.io/research/zip-slip-vulnerability

[Exploit, Issue Tracking, Patch, Third Party Advisory] https://snyk.io/vuln/SNYK-JAVA-ORGZEROTURNAROUND-31681

Scores

CVSS v3 5.5

EPSS 0.0130

EPSS Percentile 79.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE

CWE-22

Status published

Products (2)

jrebel/zt-zip < 1.13

org.zeroturnaround/zt-zip 0 - 1.13Maven

Published Jul 25, 2018

Tracked Since Feb 18, 2026