VYPR
Unrated severityCISA KEVNVD Advisory· Published Apr 20, 2022· Updated Oct 21, 2025

CVE-2022-27925

CVE-2022-27925

Description

Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. An authenticated user with administrator rights has the ability to upload arbitrary files to the system, leading to directory traversal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

2