Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-27925

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-27925

Description:
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.
Last updated date:
08/24/2022

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
08/11/2022
Reference url to background

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:
exploit
Confidence:
HIGH
Date of publishing:
08/12/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
08/14/2022
Reference url to background

https://github.com/MeDx64/CVE-2022-27925

Type:
exploit
Confidence:
HIGH
Date of publishing:
08/14/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
08/20/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
08/22/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
08/26/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2022

Privacy Policy