RCE Vulnerability In UnRAR Library Affected Zimbra Platform

A severe remote code execution vulnerability affected the Zimbra email client. The bug actually existed in the UnRAR library and could trigger RCE on the Zimbra platform. Thankfully, the bug received a fix before any malicious exploitation.

Zimbra UnRAR Library Vulnerability

Researchers from Sonar recently shared insights about a severe security flaw affecting the Zimbra email platform.

Specifically, the researchers discovered a zero-day vulnerability in a third-party UnRAR utility used in Zimbra that could trigger RCE. Exploiting the bug didn't even require authentication. Describing the bug, CVE-2022-30333, a file write vulnerability in RarLab's unrar binary, the researchers stated:

An attacker is able to create files outside of the target extraction directory when an application or victim user extracts an untrusted archive. If they can write to a known location, they are likely to be able to leverage it in a way leading to the execution of arbitrary commands on the system.

Although the bug didn't directly affect Zimbra, exploiting it could let an attacker access the sent and received emails on the compromised email server. An adversary could also deploy backdoors on compromised servers, steal credentials and other data, and gain access to other unauthorized areas of the network. Such extensive access became possible because of the unrestricted permissions granted to the UnRAR utility in Zimbra.

The researchers have shared the technical details of the vulnerability in their post.
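The core of the issue quoted above is an archive entry whose destination ends up outside the extraction directory, which is exactly what a defender-side pre-extraction check can catch. The following is an added example, not code from Sonar, RarLab or Zimbra: it scans an archive's entry list (constructed inline as `(name, symlink_target)` pairs, a hypothetical input format) in archive order, following symlinks the archive itself creates, and flags any entry that would be created or written through a path outside the extraction root. It conservatively treats `\` like `/` when deciding containment.

```python
import posixpath

def _components(name):
    # Conservative normalization: treat '\' like '/', collapse '.', split into parts.
    return [p for p in posixpath.normpath(name.replace("\\", "/")).split("/")
            if p not in ("", ".")]

def _resolve(cur, parts, links, depth=0):
    """Walk `parts` from directory `cur` (tuple of components below the
    extraction root), following symlinks already recorded in `links`.
    Returns the resolved component tuple, or None if the walk leaves the root."""
    if depth > 32:                      # symlink loop or absurd chain: refuse
        return None
    cur = list(cur)
    for part in parts:
        if part == "..":
            if not cur:                 # '..' at the root escapes the directory
                return None
            cur.pop()
            continue
        cur.append(part)
        target = links.get(tuple(cur))
        if target is not None:          # this component is a symlink: follow it
            if target.startswith(("/", "\\")):
                return None             # absolute target points outside the root
            cur.pop()
            walked = _resolve(tuple(cur), _components(target), links, depth + 1)
            if walked is None:
                return None
            cur = list(walked)
    return tuple(cur)

def check_archive(entries):
    """entries: (name, symlink_target or None) in archive order (constructed input).
    Returns [(name, 'ok' | 'escapes')]; 'escapes' marks an entry that would be
    created, or written through a symlink, outside the extraction directory."""
    links, verdicts = {}, []
    for name, target in entries:
        parts = _components(name)
        if not parts or name.startswith(("/", "\\")):
            verdicts.append((name, "escapes"))
            continue
        if target is None:
            ok = _resolve((), parts, links) is not None
        else:
            parent = _resolve((), parts[:-1], links)
            ok = parent is not None and _resolve(parent, _components(target), links) is not None
            if parent is not None:      # record the link even if rejected, so later entries see it
                links[parent + (parts[-1],)] = target
        verdicts.append((name, "ok" if ok else "escapes"))
    return verdicts
```

A rejected verdict on any entry should abort the whole extraction rather than skip that entry, since a symlink created by an earlier entry is what makes a later, innocent-looking name dangerous.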

Patch Deployed

Following this discovery, Sonar researchers reported the matter to RarLab and "gave a heads-up" to Zimbra about the upcoming fix.

Eventually, RarLab patched the vulnerability in UnRAR binary version 6.12. Hence, all UnRAR utility users should update to this patched version or later to receive the fix.

Besides, Zimbra also addressed the issue by configuring 7z as the default for extracting RAR archives in Amavis instead of UnRAR.

Let us know your thoughts in the comments.
