Exploit for #VU66173 Path traversal in Zimbra Collaboration

Published: 2022-08-13 | Updated: 2023-12-19

Vulnerability identifier: #VU66173

Vulnerability risk: Medium

CVSSv4.0: 5.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:A/U:Green]

CVE-ID: CVE-2022-27925

CWE-ID: CWE-22

Exploitation vector: Network

Exploits in database: 13

December 19, 2023
- CVE-2022-27925-Revshell (Python Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925)) [Github]
October 2, 2022
- CVE-2022-27925 (A loader for zimbra 2022 rce (cve-2022-27925)) [Github]
September 18, 2022
- CVE-2022-27925-Revshell () [Github]
September 12, 2022
- CVE-2022-27925 (CVE-2022-27925 nuclei template) [Github]
September 7, 2022
- CVE-2022-27925 (Zimbra Unauthenticated Remote Code Execution Exploit (CVE-2022-27925)) [Github]
August 28, 2022
- CVE-2022-27925-Revshell (Python Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925)) [Github]
August 23, 2022
- Zip Path Traversal in Zimbra (mboximport) (CVE-2022-27925) [Metasploit]
August 21, 2022
- CVE-2022-27925 (Zimbra CVE-2022-27925 PoC) [Github]
- CVE-2022-27925 () [Github]
August 20, 2022
- CVE-2022-27925 () [Github]
- Zimbra_CVE-2022-37042-_CVE-2022-27925 () [Github]
August 16, 2022
- CVE-2022-27925 () [Github]
August 13, 2022
- CVE-2022-27925-PoC (Zimbra RCE simple poc) [Github]

Vulnerable software:
Zimbra Collaboration
Web applications / Webmail solutions

Vendor: Synacor Inc.