WHAT IS ZIP FILE OVERWRITE?
Zip file overwrite (also known as Zip Slip) exploits a vulnerability that is found in several widely used programming languages. It is especially prevalent in Java where there is no central library that provides a high-level process for archive files. Taking advantage of this flaw, attackers can create Zip archives that use path traversal to overwrite critical files on affected systems, either destroying them or replacing them with malicious code for remote command execution. These can be invoked remotely or the attacker can wait for the system or user to call them, thus achieving remote command execution on the victim’s machine.