AI description
CVE-2025-68645 is a Local File Inclusion (LFI) vulnerability found in the Webmail Classic UI of Zimbra Collaboration (ZCS) versions 10.0 and 10.1. This vulnerability stems from the improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can exploit this vulnerability by crafting requests to the `/h/rest` endpoint. This allows the attacker to influence internal request dispatching, leading to the inclusion of arbitrary files from the WebRoot directory.
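A log check for the request pattern described above, added here as an example (it is not code from Zimbra or from any source quoted on this page). It assumes Combined Log Format access logs. It goes slightly beyond the single PoC URL by flagging, on any path, every query parameter whose name starts with `javax.servlet.include.`, the prefix of the parameter in the PoC URLs posted further down this page. The sample lines and the `/h/example` path are constructed.

```python
import re
from urllib.parse import unquote, urlsplit

# Prefix of the servlet include-dispatch attribute names; the full name
# javax.servlet.include.servlet_path is the one in the PoC URLs on this page.
INCLUDE_PREFIX = "javax.servlet.include."
REST_PATH = "/h/rest"  # endpoint named in the CVE description
# Request field of a Combined Log Format line (assumed log format).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation addresses), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [31/Dec/2025:10:00:01 +0000] "GET /h/rest?javax.servlet.include.servlet_path=/WEB-INF/web.xml HTTP/1.1" 200 5120',
    '192.0.2.11 - - [31/Dec/2025:10:00:05 +0000] "GET /h/search?st=message HTTP/1.1" 200 812',
    '192.0.2.10 - - [31/Dec/2025:10:00:09 +0000] "GET /h/rest?a=1&javax%2Eservlet%2Einclude%2Eservlet_path=/WEB-INF/web.xml HTTP/1.1" 200 5120',
    '192.0.2.12 - - [31/Dec/2025:10:00:12 +0000] "GET /h/example?javax.servlet.include.path_info=/x HTTP/1.1" 404 0',
]

def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so encoded spellings compare equal."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def include_params(target):
    """Query parameter names in a request target that start with INCLUDE_PREFIX."""
    pairs = urlsplit(target).query.split("&")
    names = (decode_fully(p.split("=", 1)[0]) for p in pairs)
    return [n for n in names if n.startswith(INCLUDE_PREFIX)]

def scan(lines):
    """Return (line_no, path, on_rest_endpoint, param_names) per flagged request."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        names = include_params(m.group("target")) if m else []
        if names:
            path = decode_fully(urlsplit(m.group("target")).path)
            hits.append((no, path, path.rstrip("/") == REST_PATH, names))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Access logs record only the query string, so parameters sent in a request body are not covered by this check and need a rule at a proxy or WAF that sees the body.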
- Description: A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory.
- Source: cve@mitre.org
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 8.8
- Impact score: 5.9
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity: HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-98
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 21
It's party time for mail 😭 ⚠ SmarterMail CVE-2025-52691 🡇 Pre-auth file upload /api/upload Detect https://t.co/L062in71SZ ⚠ Zimbra CVE-2025-68645 🡅 Pre-auth file download PoC http://cible/h/rest?javax.servlet.include.servlet_path=/WEB-INF
@mynameisv_, 31 Dec 2025
92 impressions, 0 retweets, 2 likes, 0 bookmarks, 0 replies, 0 quotes
/h/rest is not the only router to exploit #CVE-2025-68645
@Hibawb6CJ01179, 31 Dec 2025
80 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes
🚨 CVE-2025-68645 - high 🚨 Zimbra Collaboration - Local File Inclusion > Zimbra Collaboration (ZCS) 10.0 and 10.1 contain a local file inclusion caused by imp... 👾 https://t.co/rJeusagtdG @pdnuclei #NucleiTemplates #cve
@pdnuclei_bot, 31 Dec 2025
386 impressions, 3 retweets, 6 likes, 0 bookmarks, 0 replies, 0 quotes
CVE-2025-68645 poc http://127.0.0.1/h/rest?javax.servlet.include.servlet_path=/WEB-INF/web.xml #CVE
@sirifu4k1, 30 Dec 2025
17281 impressions, 24 retweets, 108 likes, 84 bookmarks, 1 reply, 1 quote
CVE-2025-68645 poc? it's really hard to repeat it.
@Hibawb6CJ01179, 29 Dec 2025
102 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes
Zimbra patches a high-severity LFI (CVE-2025-68645) allowing unauthenticated file access and a Flickr Zimlet credential leak. Upgrade to v10.1.13! #Zimbra #ZCS #CyberSecurity #LFI #Infosec #Vulnerability #PatchNow #CVE202568645 https://t.co/uMlKDhk5iS
@the_yellow_fall, 25 Dec 2025
1851 impressions, 11 retweets, 38 likes, 13 bookmarks, 0 replies, 0 quotes
🟠 CVE-2025-68645 - High A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the... https://t.co/u3D9ie1HV4 https://t.co/BeI5VSNMxX
@TheHackerWire, 22 Dec 2025
32 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes