Vulnerabilities

CVE-2022-27925

by Fred · 20/04/2022

Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.

Date published : 2022-04-20

https://wiki.zimbra.com/wiki/Security_Center

https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24

Similar

Tags: Cybersecurity Alert