Client Application Firewall
Zimbra.Collaboration.Mboximport.Unrestricted.File.Upload
Description
This indicates an attack attempt to exploit an Unrestricted File Upload Vulnerability in Zimbra Collaboration.
This vulnerability is due to improper input validation. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to the target server. Successfully exploiting this vulnerability can result in uploading of web shells and remote code execution.
Outbreak Alert
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files. By bypassing authentication, an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. The vulnerability exists due to an incomplete fix for CVE-2022-27925.
Affected Products
Zimbra Collaboration 8.8.15 before Patch 33
Zimbra Collaboration 9.0.0 before Patch 26
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://wiki.zimbra.com/wiki/Security_Center
Version Updates
Date | Version | Detail |
---|---|---|
2022-08-17 | 21.376 |