Due to its high impact and active exploitation in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) added this vulnerability to its in February 2026. Vulnerability Details CVE ID: CVE-2020-7796 Vulnerability Type: Server-Side Request Forgery (SSRF) CVSS v3.1 Score: 9.8 (Critical) Affected Versions: All ZCS versions before 8.8.15 Patch 7
But the actual working exploit uses the ProxyServlet to access the local Mailboxd service’s admin interface, which in turn allows command execution via a crafted soap request. cve20207796 zimbra collaboration suite full
The vulnerability exists in the way Zimbra Drive processes file metadata. When a user or an attacker uploads a file with a malicious payload in the filename, the system fails to properly escape the characters before rendering them in the web interface. Due to its high impact and active exploitation
An unauthenticated remote attacker can leverage CVE-2020-7796 to accomplish several malicious objectives: When a user or an attacker uploads a
The flaw resides in how the servlet validates (or fails to validate) the file parameter. In a typical request:
: Malicious requests can be structured to fetch sensitive system properties, local application server configuration profiles, or system files, leading to systemic info-stealing campaigns. Vulnerable Versions and Conditions