CVE-2022-41352
Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability
CVSS
—
Sin CVSS
EPSS
95.5%
p100
KEV
SÍ
20 oct 2022
Exploit Today
80
0-100
Publicado: — · Última mod.: —
95.5%EPSS · 30 días95.5%
2026-06-302026-07-16
Producto
Synacor / Zimbra Collaboration Suite (ZCS)
Vulnerabilidad
Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability
Añadido a KEV
20 oct 2022
Remediar antes de
10 nov 2022
Uso conocido en ransomware
No
Descripción resumida
Synacor Zimbra Collaboration Suite (ZCS) allows an attacker to upload arbitrary files using cpio package to gain incorrect access to any other user accounts.
Acción requerida
Apply updates per vendor instructions.
Notas
https://wiki.zimbra.com/wiki/Security_Center; https://nvd.nist.gov/vuln/detail/CVE-2022-41352
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2024-45519—100.0%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability—CVE-2019-9670—100.0%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference—CVE-2022-27925—99.9%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability—CVE-2022-37042—99.8%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability—CVE-2022-27924—99.7%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability—CVE-2019-9621—99.6%
KEV—80Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability—