6 matches found
Exploit for OS Command Injection in Zimbra Collaboration
CVE-2024-45519 CVE-2024-45519 is a high-risk vulnerability in...
Vulnerabilities fixed in Zimbra
Synacor has fixed vulnerabilities in Zimbra Collaboration. By sending a specially prepared e-mail to the SMTP server, code execution can be obtained directly on the Zimbra server that can be used, for example, to place a webshell. Researchers have published Proof-of-Concept code that demonstrates...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-45519link is external Synacor Zimbra Collaboration Command Execution Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber...
Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw
Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a...
Zimbra Collaboration Server 8.0.0 < 8.8.15 Patch 46, 9.0.0 < 9.0.0 Patch 41, 10.0 < 10.0.9, 10.1.0 < 10.1.1 Multiple Vulnerabilities
According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including: - Fixed a security vulnerability in the postjournal service which may allow unauthenticated users to execute commands. CVE-2024-45519 - A Server-Side Request Forgery SSRF...
CVE-2024-45519
creationtimestamp| type| source ---|---|--- 2024-09-24 15:21:20+00:00| seen| https://t.me/ptswarm/220 2024-09-25 17:30:05+00:00| seen| https://t.me/truesecator/6248 2024-09-26 01:37:36+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8602 2024-09-26 14:25:00+00:00|...