10 matches found
Exploit for Path Traversal in Zimbra Collaboration
CVE-2022-41352 Zimbra Unauthenticated RCE CVE-2022-41352...
Metasploit Weekly Wrap-Up
Zimbra with Postfix LPE CVE-2022-3569 This week rbowes added an LPE exploit for Zimbra with Postfix. The exploit leverages a vulnerability whereby the Zimbra user can run postfix as root which in turn is capable of executing arbitrary shellscripts. This can be abused for reliable privilege...
Zimbra Collaboration Suite TAR Path Traversal Exploit
This Metasploit module creates a .tar file that can be emailed to a Zimbra server to exploit CVE-2022-41352. If successful, it plants a JSP-based backdoor in the public web directory, then executes that backdoor. The core vulnerability is a path-traversal issue in the cpio command-line utility th...
TAR Path Traversal in Zimbra (CVE-2022-41352)
This module creates a .tar file that can be emailed to a Zimbra server to exploit CVE-2022-41352. If successful, it plants a JSP-based backdoor in the public web directory, then executes that backdoor. The core vulnerability is a path-traversal issue in the cpio command- line utlity that can...
Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite
Zimbra has released patches to contain an actively exploited security flaw in its enterprise collaboration suite that could be leveraged to upload arbitrary files to vulnerable instances. Tracked as CVE-2022-41352 CVSS score: 9.8, the issue affects a component of the Zimbra suite called Amavis, a...
Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)
Overview On September 10, 2022, a user reported on Zimbras official forums that their team detected a security incident originating from a fully patched instance of Zimbra. The details they provided allowed Zimbra to confirm that an unknown vulnerability allowed attackers to upload arbitrary file...
Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The active exploitation of an unpatched CVE-2022-41352 remote code execution RCE vulnerability found in the Zimbra Collaboration Suite ZCS. It empowers attackers to upload arbitrary files and...
Exploitation of Unpatched Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite (CVE-2022-41352)
Note: Zimbra release 9.0.0 P27 addressed this vulnerability on October 10, 2022. CVE-2022-41352 is an unpatched remote code execution vulnerability in Zimbra Collaboration Suite discovered in the wild due to active exploitation. The vulnerability is due to the method cpio in which Zimbra’s...
CVE-2022-41352
creationtimestamp| type| source ---|---|--- 2022-09-26 07:22:09+00:00| seen| https://t.me/cibsecurity/50459 2022-10-07 12:48:28+00:00| seen| https://www.cert.at/de/warnungen/2022/10/remote-code-execution-in-zimbra-collaboration-suite-workaround-verfugbar 2022-10-08 09:52:18+00:00| exploited|...
CVE-2022-41352
An issue was discovered in Zimbra Collaboration ZCS 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio loophole extraction to /opt/zimbra/jetty/webapps/zimbra/public that can lead to incorrect access to any other user accounts. Zimbra recommends pax over cpio. Also,...