A still unpatched vulnerability (CVE-2022-41352) in Zimbra Collaboration is being exploited by attackers to achieve remote code execution on vulnerable servers. About the vulnerability Zimbra Collaboration (formerly Zimbra Collaboration Suite) is cloud-hosted collaboration software suite that also includes an email server component and a web client component. CVE-2022-41352 exists due to Zimbra’s Amavis antivirus engine using the cpio method to scan inbound emails. “CVE-2022-41352 is effectively identical to CVE-2022-30333 but leverages a different file format … More
The post Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: