# CVE-2026-30345 - CTFd Zipfile Import Arbitrary File Write

## Vulnerability Overview

A Zip Slip vulnerability exists in the Admin import functionality of CTFd v3.8.1-18-gb5a18c4, allowing attackers to write arbitrary files.

## Affected Scope

- **Affected Product Codebase**: CTFd - 3.8.1-18-gb5a18c4
- **Affected Component**: CTFd admin configuration's import feature
- **Attack Type**: Remote
- **CVE Impact**: Arbitrary file write (path traversal / Zip Slip) during CTFd import/restore allows writing files outside the intended extraction directory.

## Remediation

- Update CTFd to the latest version.
- References:
  - [GitHub CTFd](https://github.com/CTFd/CTFd)
  - [CTFd Security Policy](https://github.com/CTFd/CTFd/security/policy)

## POC Code

```plaintext
[Suggested description]
A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gb5a18c4 allows attackers to write arbitrary files.

[VulnerabilityType Other]
Path Traversal (Zip Slip) leading to Arbitrary File Write (CWE-22 / CWE-73)

[Vendor of Product]
CTFd

[Affected Product Code Base]
CTFd - 3.8.1-18-gb5a18c4

[Affected Component]
CTFd admin configuration's import feature

[Attack Type]
Remote

[CVE Impact Other]
Arbitrary file write (path traversal / Zip Slip) during CTFd import/restore allows writing files outside the intended extraction directory.

[Attack Vectors]
An authenticated administrator uploads a maliciously crafted CTFd export archive containing file entries with traversal/absolute paths.
```
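
The check that closes the attack vector described above, shown as an added example (not code from CTFd or from this advisory): every entry name is resolved against the extraction directory and the whole archive is rejected before any write if one would land outside it. The function names, entry names and file contents are constructed for illustration.

```python
import io
import os
import tempfile
import zipfile


def unsafe_members(names: list[str], dest_dir: str) -> list[str]:
    """Return the entry names that would resolve outside dest_dir if written."""
    root = os.path.realpath(dest_dir)
    prefix = os.path.join(root, "")  # root with a trailing separator
    bad = []
    for name in names:
        # os.path.join drops root when name is absolute, so absolute paths
        # fail the containment check just like "../" sequences do.
        target = os.path.realpath(os.path.join(root, name))
        if not (target + os.sep).startswith(prefix):
            bad.append(name)
    return bad


def safe_extract(data: bytes, dest_dir: str) -> list[str]:
    """Write the archive under dest_dir, or raise before writing anything."""
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        bad = unsafe_members(archive.namelist(), dest_dir)
        if bad:
            raise ValueError(f"archive rejected, entries escape target: {bad}")
        written = []
        for info in archive.infolist():
            if info.is_dir():
                continue
            target = os.path.join(dest_dir, info.filename)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with archive.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(target)
        return written


def build_zip(names: list[str]) -> bytes:
    """Constructed sample archive: every entry just holds b'demo'."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name in names:
            archive.writestr(name, b"demo")
    return buf.getvalue()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as dest:
        print(safe_extract(build_zip(["data/a.json", "files/b.txt"]), dest))
        print(unsafe_members(["../x.txt", "/abs.txt"], dest))
```

Because the containment check runs over the full name list first, an archive that mixes valid and escaping entries leaves nothing behind on disk.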