CVE-2025-63371

high

Description

Milos Paripovic OneCommander 3.102.0.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing component, specifically in the functionality responsible for extracting and handling ZIP archive contents.

References

https://www.onecommander.com/

https://jeroscope.com/advisories/2025/jero-2025-007/

Details

Source: Mitre, NVD

Published: 2025-11-19

Updated: 2025-11-20

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N