PHP file inclusion in Zimbra Collaboration - CVE-2024-33535

 

PHP file inclusion in Zimbra Collaboration - CVE-2024-33535

Published: September 4, 2024


Vulnerability identifier: #VU96813
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red
CVE-ID: CVE-2024-33535
CWE-ID: CWE-98
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Synacor Inc.
Affected software:
Zimbra Collaboration

Detailed vulnerability description

The vulnerability allows a remote attacker to include and execute arbitrary PHP files on the server.

The vulnerability exists due to incorrect input validation when including PHP files passed via the "packages" parameter in zimbraAdmin interface. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.


How to mitigate CVE-2024-33535

Install updates from vendor's website.

Sources