Security News > 2024 > October > Critical Zimbra RCE flaw exploited to backdoor servers using emails

Critical Zimbra RCE flaw exploited to backdoor servers using emails

2024-10-02 14:15

Hackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. [...]

News URL

https://www.bleepingcomputer.com/news/security/critical-zimbra-rce-flaw-exploited-to-backdoor-servers-using-emails/

#backdoor #critical #email #RCE #server #zimbra

Related news

Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)
Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
SAP fixes critical vulnerabilities in NetWeaver application servers (source)
Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
The curious story of Uncle Sam's HR dept, a hastily set up email server, and fears of another cyber disaster (source)
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits (source)
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors (source)
Critical RCE bug in Microsoft Outlook now exploited in attacks (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Zimbra		7	0	40	16	8	64

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.