CVE-2022-27925Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

PUBLISHEDvulnerability record
2022-08-11 · last modified June 21, 2025

Metadata

CVE ID:
CVE-2022-27925
项目:
Synacor
产品:
Zimbra Collaboration Suite (ZCS)
添加日期:
2022-08-11
到期日:
2022-09-01
最后更新:
June 21, 2025

漏洞名称

Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

描述

Synacor Zimbra Collaboration Suite (ZCS) contains flaw in the mboximport functionality, allowing an authenticated attacker to upload arbitrary files to perform remote code execution. This vulnerability was chained with CVE-2022-37042 which allows for unauthenticated remote code execution.

已知用于勒索软件活动吗?

勒索软件状态:
KNOWN

采集行动

Apply updates per vendor instructions.

其他说明

相关新闻文章

相关 CWE