Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2022-37042

🗓️ 11 Aug 2022 19:37:27Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 1103 Views🌐 WEB

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 allows arbitrary file upload and remote code executio

Related
Detection
Refs
Paths
Social
ReporterTitlePublishedViews
Family
GithubExploit		Exploit for Path Traversal in Zimbra Collaboration
24 Oct 202210:10
githubexploit
GithubExploit		Exploit for Path Traversal in Synacor Zimbra_Collaboration_Suite
20 Aug 202215:58
githubexploit
GithubExploit		Exploit for Path Traversal in Synacor Zimbra_Collaboration_Suite
19 Aug 202417:17
githubexploit
GithubExploit		Exploit for Path Traversal in Synacor Zimbra_Collaboration_Suite
25 Sep 202215:09
githubexploit
GithubExploit		Exploit for Path Traversal in Zimbra Collaboration
25 Aug 202210:43
githubexploit
0day.today		Zimbra Zip Path Traversal Exploit
25 Aug 202200:00
zdt
ICS		Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
27 Jan 202312:00
ics
ICS		NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
5 Oct 202312:00
ics
ATTACKERKB		CVE-2022-37042
12 Aug 202200:00
attackerkb
ATTACKERKB		CVE-2022-27925
21 Apr 202200:00
attackerkb
Rows per page
NVD
Node
synacorzimbra_collaboration_suiteMatch8.8.15-
OR
synacorzimbra_collaboration_suiteMatch8.8.15p1
OR
synacorzimbra_collaboration_suiteMatch8.8.15p10
OR
synacorzimbra_collaboration_suiteMatch8.8.15p11
OR
synacorzimbra_collaboration_suiteMatch8.8.15p12
OR
synacorzimbra_collaboration_suiteMatch8.8.15p13
OR
synacorzimbra_collaboration_suiteMatch8.8.15p14
OR
synacorzimbra_collaboration_suiteMatch8.8.15p15
OR
synacorzimbra_collaboration_suiteMatch8.8.15p16
OR
synacorzimbra_collaboration_suiteMatch8.8.15p17
OR
synacorzimbra_collaboration_suiteMatch8.8.15p18
OR
synacorzimbra_collaboration_suiteMatch8.8.15p19
OR
synacorzimbra_collaboration_suiteMatch8.8.15p2
OR
synacorzimbra_collaboration_suiteMatch8.8.15p20
OR
synacorzimbra_collaboration_suiteMatch8.8.15p21
OR
synacorzimbra_collaboration_suiteMatch8.8.15p22
OR
synacorzimbra_collaboration_suiteMatch8.8.15p23
OR
synacorzimbra_collaboration_suiteMatch8.8.15p24
OR
synacorzimbra_collaboration_suiteMatch8.8.15p25
OR
synacorzimbra_collaboration_suiteMatch8.8.15p26
OR
synacorzimbra_collaboration_suiteMatch8.8.15p27
OR
synacorzimbra_collaboration_suiteMatch8.8.15p28
OR
synacorzimbra_collaboration_suiteMatch8.8.15p29
OR
synacorzimbra_collaboration_suiteMatch8.8.15p3
OR
synacorzimbra_collaboration_suiteMatch8.8.15p30
OR
synacorzimbra_collaboration_suiteMatch8.8.15p31
OR
synacorzimbra_collaboration_suiteMatch8.8.15p31.1
OR
synacorzimbra_collaboration_suiteMatch8.8.15p32
OR
synacorzimbra_collaboration_suiteMatch8.8.15p4
OR
synacorzimbra_collaboration_suiteMatch8.8.15p5
OR
synacorzimbra_collaboration_suiteMatch8.8.15p6
OR
synacorzimbra_collaboration_suiteMatch8.8.15p7
OR
synacorzimbra_collaboration_suiteMatch8.8.15p8
OR
synacorzimbra_collaboration_suiteMatch8.8.15p9
OR
synacorzimbra_collaboration_suiteMatch9.0.0-
OR
synacorzimbra_collaboration_suiteMatch9.0.0p1
OR
synacorzimbra_collaboration_suiteMatch9.0.0p10
OR
synacorzimbra_collaboration_suiteMatch9.0.0p11
OR
synacorzimbra_collaboration_suiteMatch9.0.0p12
OR
synacorzimbra_collaboration_suiteMatch9.0.0p13
OR
synacorzimbra_collaboration_suiteMatch9.0.0p14
OR
synacorzimbra_collaboration_suiteMatch9.0.0p15
OR
synacorzimbra_collaboration_suiteMatch9.0.0p16
OR
synacorzimbra_collaboration_suiteMatch9.0.0p17
OR
synacorzimbra_collaboration_suiteMatch9.0.0p18
OR
synacorzimbra_collaboration_suiteMatch9.0.0p19
OR
synacorzimbra_collaboration_suiteMatch9.0.0p2
OR
synacorzimbra_collaboration_suiteMatch9.0.0p20
OR
synacorzimbra_collaboration_suiteMatch9.0.0p21
OR
synacorzimbra_collaboration_suiteMatch9.0.0p22
OR
synacorzimbra_collaboration_suiteMatch9.0.0p23
OR
synacorzimbra_collaboration_suiteMatch9.0.0p24
OR
synacorzimbra_collaboration_suiteMatch9.0.0p24.1
OR
synacorzimbra_collaboration_suiteMatch9.0.0p25
OR
synacorzimbra_collaboration_suiteMatch9.0.0p3
OR
synacorzimbra_collaboration_suiteMatch9.0.0p4
OR
synacorzimbra_collaboration_suiteMatch9.0.0p5
OR
synacorzimbra_collaboration_suiteMatch9.0.0p6
OR
synacorzimbra_collaboration_suiteMatch9.0.0p7
OR
synacorzimbra_collaboration_suiteMatch9.0.0p8
OR
synacorzimbra_collaboration_suiteMatch9.0.0p9
ParameterPositionPathDescriptionCWE
cmdquery param/public/formatter.jspZimbra CVE-2022-37042 JSP shell allowing command execution via the cmd parameterCWE-22

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Nov 2025 16:46Current
9High risk
Vulners AI Score9
CVSS 3.19.8
EPSS0.94333
SSVC
CWE-22In Wild
zimbracollaboration suitezcscve-2022-37042securityremote code executiondirectory traversalauthentication bypass
1103