CVE-2025-66945 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files m…
Critical CVSS: 9.1

CVE-2025-66945

A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution
Vendor
Zdir
Product
Zdir
CWE
CWE-787
Yayın Tarihi
2026-03-03 20:16:44
Güncelleme
2026-03-04 17:50:01
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-787 Zdir CRITICAL Zdir 2026

Referanslar

https://github.com/kaliworld/Zdir-Pro-Zip-slip-vulnerability/ https://zeroday.endlessparadox.com/posts/cve-2025-66945/