Enable build support by adding .buildspec.yml
README.md | Loading last commit info... | |
cve-2022-41352.py |
README.md
(CVE-2022-41352) Zimbra Unauthenticated RCE
CVE-2022-41352 is an arbitrary file write vulnerability in Zimbra mail servers due to the use of a vulnerable
cpio
version.
Affected Zimbra versions:
- Zimbra <9.0.0.p27
- Zimbra <8.8.15.p34
(Refer to the patch notes for more details.)
Remediation:
In order to fix the vulnerability apply the latest patch (9.0.0.p27 and 8.8.15.p34 respectively) - or install pax
and restart the server.
Usage:
$ vi cve-2022-41352.py
# change the config items
$ python3 cve-2022-41352.py
Usage: ./cve-2022-41352.py <mode>
Where <mode> is one of:
manual : Only create the payload - you have to deploy the payload yourself.
auto : Create a webshell and deploy it via plain SMTP (without authentication).
fullpwn : After deploying a webshell, add a new global mail administrator.
Edit the script to change the target and other options.
$ python3 cve-2022-41352.py fullpwn
Demo: