Zimbra file upload enabling webshell deployment. Chained with CVE-2022-37042 auth bypass for unauthenticated exploitation. Apply August 2022 patches and audit for webshells in Zimbra webroot directories.
Zimbra Collaboration arbitrary file upload via mboximport functionality when authenticated as an administrator.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →