Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-41352

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-41352

Description:
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavisd via a cpio loophole (extraction to /opt/zimbra/jetty/webapps/zimbra/public) that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also, pax is in the prerequisites of Zimbra on Ubuntu; however, pax is no longer part of a default Red Hat installation after RHEL 6 (or CentOS 6). Once pax is installed, amavisd automatically prefers it over cpio.
Last updated date:
11/09/2022

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
10/06/2022
Reference url to background

https://www.rapid7.com/blog/post/2022/10/06/exploitation-of-unpatched-zero-day-remote-code-execution-vulnerability-in-zimbra-collaboration-suite-cve-2022-41352/

Type:
exploitation
Confidence:
HIGH
Date of publishing:
10/20/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/10/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/19/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
11/09/2022
Type:
exploit
Confidence:
HIGH
Date of publishing:
11/11/2022
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2022

Privacy Policy