The JSP shell is uploaded to /public/evil.jsp. Maya accesses it directly: https://mail.logi-core.com/public/evil.jsp. A reverse shell connects back to her laptop.
SSRF vulnerabilities occur when an attacker can abuse the functionality of a web application to force it to send crafted requests to a destination of the attacker’s choosing.
If patching isn't immediately possible, implement network-level controls to restrict outbound connections from the Zimbra server to only essential destinations. Verification: After patching, use the zmcontrol -v command to verify your current patch level.
(Note: Be sure to restart your mailbox service or redeploy the zimlet to ensure the change takes full effect.)
Shortly after disclosure, proof-of-concept (PoC) code became publicly available. Due to the ease of exploitation (sending a malicious email), this vulnerability was widely exploited in the wild by botnets and advanced persistent threat (APT) actors.