Vulnerability Details : CVE-2013-7091
Public exploit exists!
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the skin parameter. NOTE: this can be leveraged to execute arbitrary code by obtaining LDAP credentials and accessing the service/admin/soap API.
Vulnerability category: Directory traversal, Execute code
Exploit prediction scoring system (EPSS) score for CVE-2013-7091
Probability of exploitation activity in the next 30 days: 97.34%
Percentile (the proportion of vulnerabilities scored at or below this score): ~100%
Metasploit modules for CVE-2013-7091
-
Zimbra Collaboration Server LFI
Disclosure Date: 2013-12-06
First seen: 2020-04-26
exploit/unix/webapp/zimbra_lfi
This module exploits a local file inclusion on Zimbra 8.0.2 and 7.2.2. The vulnerability allows an attacker to get the LDAP credentials from the localconfig.xml file. The stolen credentials allow the attacker to make requests to the service/admin/soap API. This can t
CVSS scores for CVE-2013-7091
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST |
CWE ids for CVE-2013-7091
-
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-7091
-
http://www.exploit-db.com/exploits/30472
Zimbra Collaboration Server 7.2.2/8.0.2 - Local File Inclusion (Metasploit) - Linux webapps Exploit
-
http://www.securityfocus.com/bid/64149
Zimbra 'skin' Parameter Local File Include Vulnerability
-
http://www.exploit-db.com/exploits/30085
Zimbra 2009-2013 - Local File Inclusion - Linux webapps Exploit
-
http://packetstormsecurity.com/files/124321
Zimbra Local File Inclusion ≈ Packet Storm
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/89527
Zimbra Multiple File Include CVE-2013-7091 Vulnerability Report
Products affected by CVE-2013-7091
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.16:*:*:*:*:*:*:*