Remote Code Execution Vulnerability in Zimbra Collaboration by Zimbra

CVE-2022-45912

What is CVE-2022-45912?

A significant vulnerability has been identified in Zimbra Collaboration Suite (ZCS) versions 8.8.15 and 9.0 that allows authenticated admin users to execute remote code through the ClientUploader functionality. By leveraging this weakness, an admin can upload malicious files that traverse the directory structure, potentially compromising system integrity and security.

References