Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-9670
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML External Entity injection (XXE) vulnerability, as demonstrated by Autodiscover/Autodiscover.xml.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Zimbra Collaboration Suite 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Synacor Zimbra Collaboration Suite(ZCS)是美国Synacor公司的一款开源协同办公套件。该产品包括WebMail、日历、通信录等。 Zimbra ZCS 8.5版本至8.7.11版本中存在代码问题漏洞。该漏洞源于网络系统或产品的代码开发过程中存在设计或实现不当的问题。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2019-9670
#POC DescriptionSource LinkShenlong Link
1Zimbra RCE PoC - CVE-2019-9670 XXE/SSRFhttps://github.com/rek7/Zimbra-RCEPOC Details
2Zimbra RCE CVE-2019-9670https://github.com/attackgithub/Zimbra-RCEPOC Details
3🔥 Arbimz is a python tool created to exploit the vulnerability on Zimbra assigned as CVE-2019-9670.https://github.com/oppsec/arbimzPOC Details
4🕵️ Yet another CVE-2019-9670 exploit, but in Golang.https://github.com/oppsec/zaberPOC Details
5CVE-2019-9670 is used to find XXE bughttps://github.com/Cappricio-Securities/CVE-2019-9670POC Details
6Nonehttps://github.com/OracleNep/CVE-2019-9670-DtdFilegenerationPOC Details
7🔥 Arbimz is a python tool created to exploit the vulnerability on Zimbra assigned as CVE-2019-9670.https://github.com/000pp/arbimzPOC Details
8🕵️ Yet another CVE-2019-9670 exploit, but in Golang.https://github.com/000pp/zaberPOC Details
9Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML external entity injection (XXE) vulnerability via the mailboxd component.https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-9670.yamlPOC Details
10Zimbra XXE Vul,may Control your Server with AdminPort SSRFhttps://github.com/chaitin/xray-plugins/blob/main/poc/manual/zimbra-cve-2019-9670-xxe.ymlPOC Details
11🕵️ Yet another CVE-2019-9670 exploit, but in Golang.https://github.com/Phuong39/zaberPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2019-9670
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: n/a
Same vendor: n/a
V. Comments for CVE-2019-9670

No comments yet

Leave a comment