High severity7.5NVD Advisory· Published Jul 9, 2025· Updated Apr 15, 2026
CVE-2025-53645
CVE-2025-53645
Description
Zimbra Collaboration (ZCS) before 9.0.0 Patch 46, 10.0.x before 10.0.15, and 10.1.x before 10.1.9 is vulnerable to a denial of service condition due to improper handling of excessive, comma-separated path segments in the Admin Console. An unauthenticated remote attacker can send specially crafted GET requests that trigger redundant processing and inflated responses. This leads to uncontrolled resource consumption, resulting in denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <9.0.0 Patch 46, <10.0.15, <10.1.9
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.