I've found a critical vulnerability in zMenu that allows Remote Code Execution (RCE) via the /zm download command (Path Traversal/Arbitrary File Write).
I have a full Proof of Concept (video and exploit scripts) and would like to share it privately to help you fix it.
Please let me know how to send you the details (e.g. your Discord, Email, or enable Private Vulnerability Reporting on this repo).
I've found a critical vulnerability in zMenu that allows Remote Code Execution (RCE) via the /zm download command (Path Traversal/Arbitrary File Write).
I have a full Proof of Concept (video and exploit scripts) and would like to share it privately to help you fix it.
Please let me know how to send you the details (e.g. your Discord, Email, or enable Private Vulnerability Reporting on this repo).