TopVuln

High-risk vulnerability digests

CVE-2022-27925

  • KEV
  • Ransomware

Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability

Details

CISA date
2022-08-11
Affected versions
Zimbra Collaboration Suite (ZCS)
Summary
Synacor Zimbra Collaboration Suite (ZCS) contains flaw in the mboximport functionality, allowing an authenticated attacker to upload arbitrary files to perform remote code execution. This vulnerability was chained with CVE-2022-37042 which allows for unauthenticated remote code execution.
Remediation
Apply updates per vendor instructions.
Exploit info
No exploit-tagged NVD references in our cache; see the CISA KEV link below.

View on NVD  ·  CISA KEV catalog

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.