Cve20207796 Zimbra Collaboration Suite Full May 2026

The exploitation of this vulnerability is relatively straightforward, making it a prime target for threat actors. The attack chain typically proceeds as follows:

It is easy to confuse CVE-2020-27996 with its contemporaries: cve20207796 zimbra collaboration suite full

| CVE | Type | Auth Required | Impact | |-----|------|---------------|--------| | CVE-2020-27988 | Path traversal to mail read | No | Unauthenticated mail fetch | | CVE-2020-28016 | SSRF via proxy | No | Internal port scanning, limited info leak | | CVE-2020-27996 | RCE via extension/proxy | No | Full system compromise | CVE ID: CVE-2020-7796 Severity: High (CVSS 7

CVE-2020-27988 and CVE-2020-28016 are dangerous but limited to information disclosure. CVE-2020-27996 is a true RCE. cve20207796 zimbra collaboration suite full

CVE ID: CVE-2020-7796 Severity: High (CVSS 7.5 – 8.2 depending on configuration) Affected Software: Zimbra Collaboration Suite (ZCS) versions prior to 8.8.15.patch7 and 8.8.12.patch11. Vulnerability Type: Unrestricted Upload of File with Dangerous Type (Remote Code Execution)