Jump to content
Nytro

(CVE-2022-41352) Zimbra Unauthenticated RCE

Recommended Posts

(CVE-2022-41352) Zimbra Unauthenticated RCE

CVE-2022-41352 is an arbitrary file write vulnerability in Zimbra mail servers due to the use of a vulnerable cpio version.

 

Affected Zimbra versions:

  • Zimbra <9.0.0.p27
  • Zimbra <8.8.15.p34

 

(Refer to the patch notes for more details.)

 

Remediation:

In order to fix the vulnerability apply the latest patch (9.0.0.p27 and 8.8.15.p34 respectively) - or install pax and restart the server.

Usage:

You can either use flags or manipulate the default configuration in the script manually (config block at the top). Use -h for help.

$ python cve-2022-41352.py -h

$ vi cve-2022-41352.py
# Change the config items.

$ python cve-2022-41352.py manual
# This will create an attachment that you can then send to the target server.
# The recipient does not necessarily have to exist - if the email with the attachment is parsed by the server the arbitrary file write in cpio will be triggered.

Example:

example

Demo:

 zimbra-rce-demo-cve-2022-41352.mp4 

About

Zimbra <9.0.0.p27 RCE

 
  • Thanks 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...