Zimbra Collaboration Suite 8.8.15 9.0 漏洞列表

共找到 2 个与 Zimbra Collaboration Suite 8.8.15 9.0 相关的漏洞

📅 加载漏洞趋势中...

CVE-2022-37042: Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution POC

日期: 2025-09-01 | 影响软件: Zimbra Collaboration Suite 8.8.15 9.0

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925. FOFA: app="zimbra-邮件系统" SHODAN: http.favicon.hash:"1624375939"
CVE-2022-37042: Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution POC

日期: 2025-08-01 | 影响软件: Zimbra Collaboration Suite 8.8.15 9.0

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925.