漏洞描述
Zimbra Collaboration(又名 ZCS)8.8.15 和 9.0 具有 mboximport 功能,可接收 ZIP存档并从中提取文件。具有管理员权限的经过身份验证的用户能够将任意文件上传到系统,从而导致命令执行。
zimbraAdmin命令执行(CVE-2022-27925)
PoC代码
暂无相关漏洞推荐
-
CVE-2022-37042: Zimbra Collaboration Suite 8.8.15/9.0 - Remote Code Execution POC
2025-09-01 | Zimbra Collaboration Suite 8.8.15 9.0Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP arc... -
CVE-2013-7091: Zimbra Collaboration Server 7.2.2/8.0.2 Local File Inclusion POC
2025-08-01 | Zimbra Collaboration ServerA directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20Tem... -
CVE-2018-14013: Synacor Zimbra Collaboration Suite Collaboration <8.8.11 - Cross-Site Scripting POC
2025-08-01 | Synacor Zimbra Collaboration Suite CollaborationSynacor Zimbra Collaboration Suite Collaboration before 8.8.11 is vulnerable to cross-site scripting... -
Webmin /package-updates/update.cgi 命令执行漏洞(CVE-2022-36446) 无POC
2025-09-05 | WebminWebmin是Webmin社区的一套基于Web的用于类Unix操作系统中的系统管理工具。 Webmin 1.997之前的版本存在安全漏洞,该漏洞源于其software/apt-lib.pl组件缺少对U... -
CVE-2022-0342: Zyxel authentication bypass patch analysis POC
2025-09-01 | ZyxelAn authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versio...