CVE-2022-27925

216.73.216.6

· Published 11/08/2022 02:00 · Modified 20/12/2025 22:21 · Author: Cybersecurity and Infrastructure Security Agency

Labels: CVE-2022-27925

Essential information

Published: 11/08/2022 02:00
Modified: 20/12/2025 22:21
Author: Cybersecurity and Infrastructure Security Agency
Creator: Cybersecurity and Infrastructure Security Agency
CISA KEV: Yes
CWE: —
CVSS vector

Description

Synacor Zimbra Collaboration Suite (ZCS) contains flaw in the mboximport functionality, allowing an authenticated attacker to upload arbitrary files to perform remote code execution. This vulnerability was chained with CVE-2022-37042 which allows for unauthenticated remote code execution.

NVD status

NVD: View on NVD