#SMTPserver

Critical Zimbra RCE flaw exploited to backdoor servers using emails

by

October 2, 2024 at 10:35AM Hackers are exploiting a Zimbra email server vulnerability (CVE-2024-45519) by sending specially crafted emails to the SMTP server, allowing them to execute commands. Malicious activity was detected by Proofpoint and a proof-of-concept exploit was released, urging users to update to secure versions or take preventive measures as listed. After reviewing … Read more

Critical Zimbra RCE flaw actively exploited to take over servers

by

October 2, 2024 at 10:20AM Cyber attackers are exploiting a Zimbra email server vulnerability (CVE-2024-45519) using specially crafted emails to trigger remote code execution. Proofpoint detected this “mass-exploitation,” as malicious emails spoofing Gmail deploy fake addresses and harmful code in the CC field. Installation of the webshell via the exploit provides full access to the … Read more