unzip-bot 操作系统命令注入漏洞

unzip-bot is a Telegram bot used by EDM115 to extract various types of archives. An operating system command injection vulnerability exists in versions prior to unzip-bot 7.0.3a, which stems from improper input cleanup and allows a user to inject malicious commands via constructed zip file names,...