vulnerability zip-slip
severity 7.5
language java
registry other

:book: Description

mucommander A lightweight, cross-platform file manager with a dual-pane interface. This package is vulnerable for zip-slip.

:recycle: Steps To Reproduce-:

  1. download and run latest release from
  2. unpack given zip file . example used :

:telescope: POC

💥 Impact

zip-slip (Zip Slip is a widespread arbitrary file overwrite critical vulnerability, which typically results in remote command execution)