CVE-2022-41352 - Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

Vulnerability Name

Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

Description

Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://wiki.zimbra.com/wiki/Security_Center

https://nvd.nist.gov/vuln/detail/CVE-2022-41352

Related News Articles

BadPilot network hacking campaign fuels Russian SandWorm attacksFebruary 13, 2025

Microsoft: Russia's Sandworm APT Exploits Edge Bugs GloballyFebruary 13, 2025

Microsoft Uncovers Sandworm Subgroup's Global Cyber Attacks Spanning 15+ CountriesFebruary 13, 2025