Lucene search
+L

5 matches found

OSV
OSV
added 2022/08/16 8:0 p.m.33 views

CVE-2022-37393 Zimbra zmslapd arbitrary module load

Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which includes plugins in the form of .so files, which also execute as root...

7.8CVSS7.3AI score0.01683EPSS
Exploits4References5
CVE
CVE
added 2022/08/16 8:0 p.m.265 views

CVE-2022-37393

CVE-2022-37393: Zimbra’s sudo configuration allows the zimbra user to run the zmslapd binary as root with arbitrary parameters. zmslapd can load a user-defined configuration file that may include plugins (.so) executed as root, enabling local privilege escalation. The available connected document...

7.8CVSS8.7AI score0.01683EPSS
In wildExploits4References3Affected Software1
0day.today
0day.today
added 2022/08/10 12:0 a.m.631 views

Zimbra zmslapd Privilege Escalation Exploit

This Metasploit module exploits CVE-2022-37393, which is a vulnerability in Zimbra's sudo configuration that permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which...

7.8CVSS0.4AI score0.01683EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/08/10 12:0 a.m.373 views

Zimbra zmslapd Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zimbra zmslapd arbitrary module load', 'Description' = %q This module exploits CVE-2022-37393, which is a vulnerability in Zimbra's sudo...

0.7AI score0.01683EPSS
Exploits4
Circl
Circl
added 2022/08/09 4:39 p.m.9 views

CVE-2022-37393

creationtimestamp| type| source ---|---|--- 2022-08-09 16:39:19+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/zimbraslapperprivesc.rb 2022-08-17 14:35:04+00:00| published-proof-of-concept| Telegram/RSu8n7LvnC9xeCRU6JhJsfiUmeq682EnNiL5z7-ptljY...

7.8CVSS7.2AI score0.01683EPSS
Exploits4References3
Rows per page
Query Builder