Arbitrary Code Execution and Information Disclosure Vulnerability in Zimbra ZCS 8.8.15

Arbitrary Code Execution and Information Disclosure Vulnerability in Zimbra ZCS 8.8.15

CVE-2023-34193 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

File Upload vulnerability in Zimbra ZCS 8.8.15 allows an authenticated privileged user to execute arbitrary code and obtain sensitive information via the ClientUploader function.

Learn more about our User Device Pen Test.