CVE-2022-37042

Description

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code execution. NOTE: this issue exists because of an incomplete fix for CVE-2022-27925.

NVD
Severity: CRITICAL
CVE ID: CVE-2022-37042
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

Nuclei Templates for CVE-2022-37042

Refrence: Project Discovery GitHub

GreyNoise-Intelligence

Refrence: GitHub

aels

Zimbra CVE-2022-37042 Nuclei weaponized template

Refrence: GitHub

0xf4n9x

CVE-2022-37042 Zimbra Auth Bypass leads to RCE

Refrence: GitHub

Description​

Proof Of Concept​

Description

Proof Of Concept