Exploit for CVE-2025-66945

A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution

Published: 2026-03-03

CVSS: 9.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Download Exploit for CVE-2025-66945 here:

http://zeroday3sv534ljdendaufcrorz67yg6iujdpaknp6zqgxaevb7okfid.onion/exploit-for-cve-2025-66945.783/

Use Tor Browser to access .onion site.

https://sonitex.com/exploit-151-cve-2025-40540/

https://sonitex.com/exploit-409-cve-2026-26705/

https://sonitex.com/exploit-590-cve-2026-28508/

https://sonitex.com/exploit-728-cve-2026-0120/