Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

The active exploitation of an unpatched CVE-2022-41352 remote code execution (RCE) vulnerability found in the Zimbra Collaboration Suite (ZCS). It empowers attackers to upload arbitrary files and execute malicious operations on vulnerable hosts. The bug exists as a result of amavis insecure fallback to utilizing cpio to extract files if the pax package is not installed on the system.