5 matches found
CVE-2024-54663
An issue was discovered in the Webmail Classic UI in Zimbra Collaboration ZCS 9.0 and 10.0 and 10.1. A Local File Inclusion LFI vulnerability exists in the /h/rest endpoint, allowing authenticated remote attackers to include and access sensitive files in the WebRoot directory. Exploitation requir...
CVE-2024-54663
creationtimestamp| type| source ---|---|--- 2024-12-19 22:20:00+00:00| seen| https://infosec.exchange/users/cve/statuses/113681812653957542 2024-12-19 23:15:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoyujoem62v 2024-12-20 00:51:24+00:00| seen|...
CVE-2024-54663
An issue was discovered in the Webmail Classic UI in Zimbra Collaboration ZCS 9.0 and 10.0 and 10.1. A Local File Inclusion LFI vulnerability exists in the /h/rest endpoint, allowing authenticated remote attackers to include and access sensitive files in the WebRoot directory. Exploitation requir...
CVE-2024-54663
An issue was discovered in the Webmail Classic UI in Zimbra Collaboration ZCS 9.0 and 10.0 and 10.1. A Local File Inclusion LFI vulnerability exists in the /h/rest endpoint, allowing authenticated remote attackers to include and access sensitive files in the WebRoot directory. Exploitation requir...
CVE-2024-54663
The CVE-2024-54663 affects Zimbra Collaboration (ZCS) Webmail Classic UI, specifically ZCS 9.0–10.1. A Local File Inclusion (LFI) exists in the /h/rest endpoint, allowing an authenticated attacker to include and read files from the WebRoot directory by crafting a malicious request to specific fil...