This report identifies hosts that have the Hypertext Transfer Protocol (HTTP) service running on some port that may have a vulnerability.
It currently focuses on the following vulnerabilities:
Zimbra Communication Suite – a CVE-2022-37042 vulnerability discovered by Volexity (blog published 2022-08-10) that allows for remote code execution, and has been exploited in the wild since at least June 2022. This vulnerability was patched in Zimbra releases ZCS 9.0.0 Patch 26 and ZCS 8.8.15 Patch 33, July 28th,2022. If you receive a report on an IP tagged cve-2022-37042 it is likely you are vulnerable to this exploit and possibly already compromised (which may involve a webshell being installed by an attacker). Please note we are making this assessment entirely on the ZCS build time, and tagging all versions earlier than 2022-07-26 build time as vulnerable. Hence, there is a possibility of false positives.
![[correlate]](/data/avatars/m/79/79653.jpg?1556985072){kind=avatar}
www.shadowserver.org
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
