Zimbra Collaboration Server 10.0.x < 10.0.18, 10.1.x < 10.1.13 Local File Inclusion

high Nessus Plugin ID 297134

Synopsis

The remote web server contains a web application that is affected by a server-side request forgery vulnerability.

Description

A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to version 10.0.18, 10.1.13, or later.

See Also

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.18

https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.13

https://wiki.zimbra.com/wiki/Security_Center

https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

Plugin Details

Severity: High

ID: 297134

File Name: zimbra_CVE-2025-68645.nasl

Version: 1.1

Type: combined

Agent: unix

Family: CGI abuses

Published: 1/29/2026

Updated: 1/29/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2025-68645

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:zimbra:collaboration_suite

Required KB Items: installed_sw/zimbra_zcs

Patch Publication Date: 11/6/2025

Vulnerability Publication Date: 11/6/2025

Reference Information

CVE: CVE-2025-68645