漏洞描述
Zimbra Collaboration服务器存在CRLF注入漏洞,此漏洞是使用Memcached执行路由缓存时,对HTTP请求URI及头部值中的CRLF字符过滤不充分导致的。
Zimbra Collaboration Memcached CRLF 注入漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2022-27924: Zimbra Collaboration Suite - Memcached Command Injection
- POC CVE-2025-68645: Zimbra Collaboration - Local File Inclusion
- Zimbra Collaboration 存在本地文件包含漏洞(CVE-2025-68645)
- POC Zimbra Collaboration Suite /h javax.servlet.include.path_info 文件包含漏洞(CVE-2025-68645)
- POC CVE-2025-27915: Zimbra - Cross-Site Scripting via ICS Files
- CVE-2019-9670: Zimbra Collaboration XXE
- POC CVE-2013-7091: Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion
- POC CVE-2018-14013: Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting
- POC CVE-2019-9670: Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection
- POC CVE-2020-7796: Zimbra Collaboration Suite < 8.8.15 Patch 7 - Server-Side Request Forgery
- POC CVE-2022-27926: Zimbra Collaboration (ZCS) - Cross Site Scripting
- POC CVE-2022-37042: Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution
- POC CVE-2023-34192: Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting