Exploitation Summary
EIP tracks 1 public exploit for CVE-2024-48510. PoCs published by havertz2110.
AI-analyzed exploit summary The repository contains only a minimal README with no exploit code, technical details, or meaningful content. It appears to be a placeholder or stub.
Description
Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Exploits (1)
nomisec
STUB
by havertz2110 · poc
https://github.com/havertz2110/CVE-2024-48510-PoC
The repository contains only a minimal README with no exploit code, technical details, or meaningful content. It appears to be a placeholder or stub.
Classification
Stub 95%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target:
unknown
No auth needed
MITRE ATT&CK
devstral-2 · analyzed Mar 20, 2026
Full analysis →
References (4)
Core 4
Core References
Patch, Third Party Advisory
https://gist.github.com/thomas-chauchefoin-bentley-systems/855218959116f870f08857cce2aec731
Scores
CVSS v3
9.8
EPSS
0.0228
EPSS Percentile
85.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-22
Status
published
Products (4)
dotnetzip.semverd_project/dotnetzip.semverd
1.10.1 - 1.16.0
mihula/prodotnetzip
< 1.19.0
nuget/DotNetZip
1.10.1NuGet
nuget/ProDotNetZip
0 - 1.19.0NuGet
Published
Nov 13, 2024
Tracked Since
Feb 18, 2026