3 matches found
CVE-2025-71275
The CVE-2025-71275 affects Zimbra Collaboration Suite (ZCS) PostJournal service version 8.8.15, where improper sanitization of the RCPT TO parameter enables unauthenticated SMTP injection that leads to remote code execution under the Zimbra service context. The issue is documented with very high ...
CVE-2025-71275 Zimbra Collaboration Suite PostJournal 8.8.15 Unauthenticated Remote Code Execution via SMTP Injection
Zimbra Collaboration Suite ZCS PostJournal service version 8.8.15 contains a command injection vulnerability that allows unauthenticated attackers to execute arbitrary system commands by exploiting improper sanitization of the RCPT TO parameter via SMTP injection. Attackers can inject shell...
PT-2026-27441
Name of the Vulnerable Software and Affected Versions Zimbra Collaboration Suite ZCS version 8.8.15 Description A security issue exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows unauthenticated attackers to execute arbitrary system commands. This is possible due to...