google / tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
Apache License 2.0

PRP: Request Zimbra Unauthenticated Remote Code Execution Exploit (CVE-2022-27925) #264

Closed Zxxxx closed 8 months ago

Zxxxx commented 2 years ago

Hello. I want to contribute to the Tsunami scanner with a detector plugin to detect the CVE-2022-27925 vulnerability.

https://nvd.nist.gov/vuln/detail/CVE-2022-27925
https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P24

The vulnerability has been assigned the CVE ID CVE-2022-27925; the severity level of the vulnerability is HIGH: CVSS score 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Zimbra versions 8.8.15 patch 33 or 9.0.0 patch 26 were deemed vulnerable by the vendor.

allow a remote, unauthenticated attacker to execute arbitrary code via.

maoning commented 2 years ago

Hi @Zxxxx, thank you for opening the request. After reviewing this vulnerability ref, there are a few concerns about how Tsunami scanner can verify the vulnerability:

  1. A zip file upload is needed, and it's uncertain if there's a way to delete the file afterwards. Ideally Tsunami doesn't leave any permanent state changing results on the server.
  2. The exploit used in the ref uploads a jsp file via zip to Zimbra's public directory, and makes a get request to that file to trigger it. This would require us to guess the Zimbra server directory location, and the detector could miss non-standard Zimbra installations.

Please let me know if you have a more reliable way in mind to detect this vulnerability to address the concerns above.