CVE-2022-27925

Name of the Vulnerable Software and Affected Versions Zimbra Collaboration (ZCS) versions 8.8.15 through 9.0

Description The issue concerns the mboximport functionality in Zimbra Collaboration, which allows an authenticated user with administrator rights to upload arbitrary files to the system, leading to directory traversal. This can be exploited by a remote attacker to upload arbitrary files. There are indicators showing that threat actors are using this issue to access user mailboxes and send scams.

Recommendations For Zimbra Collaboration versions 8.8.15 through 9.0, apply the available patch to fix the authenticated remote code execution issue. As a temporary workaround, consider restricting access to the mboximport functionality until the patch is applied. Restrict administrator rights to minimize the risk of exploitation.