Zip File Overwrite
Zip File Overwrite: Understanding and Mitigating the Zip Slip Vulnerability
Manage Zip File Overwrite RisksTable of Contents
What is zip file overwrite?
Zip file overwrite (also known as Zip Slip) exploits a vulnerability that is found in several widely used programming languages. It is especially prevalent in Java where there is no central library that provides a high-level process for archive files. Taking advantage of this flaw, attackers can create Zip archives that use path traversal to overwrite critical files on affected systems, either destroying them or replacing them with malicious code for remote command execution. These can be invoked remotely or the attacker can wait for the system or user to call them, thus achieving remote command execution on the victim’s machine.
Since it was publicly disclosed on June 5, 2018 by the Synk Security Team, Zip Slip has been found in many language ecosystems (.NET, Go, and JavaScript). As an arbitrary file overwrite vulnerability, Zip Slip can be triggered with a directory traversal attack while extracting files from an archive and affects many archive formats, including tar, jar, war, cpio, apk, rar, and 7z.