Rce

There’s a new Erlang OTP vulnerability, CVE-2025-4748. It’s an Absolute Path Traversal vulnerability involving a Zip archive, which I have a lot of practice with. It affects Erlang OTP, which a coworker has already written about recently and noted the necessary steps to set up an environment.

Recently I stumbled across a thread on Reddit r/AskNetsec Now, without looking at the post: What do you think the answers looked like?