Vulnerability detail
Enriched intelligence for a single CVE
High
CVE-2022-27925
PUBLISHEDZimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated...
- Vendor
- Zimbra
- Product
- Collaboration
- Published
- Apr 20, 2022
- EPSS
- —
Description
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.
CVSS scores
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AV:N/AC:L/Au:S/C:P/I:P/A:P
SSVC decision points
- Exploitation
- active
- Automatable
- No
- Technical impact
- total
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CISA | Aug 11, 2022 |
Scanner integrations
| Scanner | Reference | Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/zimbra_mboximport_cve_2022_27925.rb | Apr 28, 2025 |
Potential proof of concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2022-10-01 10:33:55 UTC · 16 stars
A loader for zimbra 2022 rce (cve-2022-27925)
github · Created 2022-09-17 22:24:32 UTC · 1 stars
github · Created 2022-09-12 08:30:30 UTC · 2 stars
CVE-2022-27925 nuclei template
github · Created 2022-08-26 20:19:48 UTC · 4 stars
Python Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925)
github · Created 2022-08-20 15:58:29 UTC · 43 stars
Zimbra CVE-2022-27925 PoC
github · Created 2022-08-14 22:22:55 UTC · 56 stars
Zimbra Unauthenticated Remote Code Execution Exploit (CVE-2022-27925)
github · Created 2022-08-12 18:35:52 UTC · 67 stars
Zimbra RCE simple poc
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Exploit Used in Malware
-
Added to KEVIntel
-
Detected by Metasploit