Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-45912: CVE-2022-45912

An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. Remote code execution can occur through ClientUploader by an authenticated admin user. An authenticated admin user can upload files through the ClientUploader utility, and traverse to any other directory for remote code execution.

CVE
Open in Source
#rce#auth

[cve ID]

CVE-2022-45912

[PRODUCT]

Zimbra

[VERSION]

ZCS 8.8.15 ZCS 9.0.0

[PROBLEM TYPE]

RCE

[DESCRIPTION]

RCE through ClientUploader from authenticated admin user.

Related news

CVE-2023-29382: Security Center - Zimbra :: Tech Center

An issue in Zimbra Collaboration ZCS v.8.8.15 and v.9.0 allows an attacker to execute arbitrary code via the sfdc_preauth.jsp component.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE