Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite
Threat Level – Red | Vulnerability Report
Download PDFThe active exploitation of an unpatched CVE-2022-41352 remote code execution (RCE) vulnerability found in the Zimbra Collaboration Suite (ZCS). It empowers attackers to upload arbitrary files and execute malicious operations on vulnerable hosts. The bug exists as a result of amavis insecure fallback to utilizing cpio to extract files if the pax package is not installed on the system.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox