⚠️ CVE-2024-45519 is a critical remote code execution (RCE) vulnerability in Zimbra's Postjournal service. Attackers can exploit this flaw to execute arbitrary commands and gain control of affected systems.
🛠 Affected Versions:
Zimbra 8.8.15 (before Patch 46)
Zimbra 9 (before Patch 41)
Zimbra 10 (before 10.0.9)
Zimbra 10.1 (before 10.1.1)
🔥 Exploit Impact:
✅ Unauthenticated remote code execution
✅ Compromise of Zimbra email servers
✅ Potential data theft & service disruption
🖥️ Lab Setup
1️⃣ Prepare the Test Environment
🛠️ Use Ubuntu 20.04.6 LTS as the lab machine.
2️⃣ Download Zimbra
📥 Run the following commands:
sudo su
wget
tar -xvzf zcs-NETWORK-8.8.15_GA_4177.UBUNTU20_64.20211112014220.tgz
cd zcs-NETWORK-8.8.15_GA_4177.UBUNTU20_64.20211112014220
3️⃣ Configure HOSTNAME
🔧 Set the hostname:
hostnamectl set-hostname zimbra.labo
4️⃣ Install Zimbra : Follow the installation guide here
5️⃣ Replace Vulnerable POSTJournal Binary
💀 Replace the binary with a vulnerable version:
sudo pkill postjournal
dpkg-deb -x packages/zimbra-core_8.8.15.GA.4177.UBUNTU20.64_amd64.deb /tmp/zimbra-core
sudo cp /tmp/zimbra-core/opt/zimbra/libexec/postjournal /opt/zimbra/libexec/postjournal
6️⃣ Enable & Restart Zimbra Services
♻️ Active postjournal
sudo su - zimbra
zmlocalconfig -e postjournal_enabled=true
zmcontrol restart
⚠️ Important: This setup is for security research and patch testing only. Ensure responsible disclosure and update your Zimbra server immediately! 🚀🔒
🛠 Affected Versions:
Zimbra 8.8.15 (before Patch 46)
Zimbra 9 (before Patch 41)
Zimbra 10 (before 10.0.9)
Zimbra 10.1 (before 10.1.1)
🔥 Exploit Impact:
✅ Unauthenticated remote code execution
✅ Compromise of Zimbra email servers
✅ Potential data theft & service disruption
🖥️ Lab Setup
1️⃣ Prepare the Test Environment
🛠️ Use Ubuntu 20.04.6 LTS as the lab machine.
2️⃣ Download Zimbra
📥 Run the following commands:
sudo su
wget
tar -xvzf zcs-NETWORK-8.8.15_GA_4177.UBUNTU20_64.20211112014220.tgz
cd zcs-NETWORK-8.8.15_GA_4177.UBUNTU20_64.20211112014220
3️⃣ Configure HOSTNAME
🔧 Set the hostname:
hostnamectl set-hostname zimbra.labo
4️⃣ Install Zimbra : Follow the installation guide here
5️⃣ Replace Vulnerable POSTJournal Binary
💀 Replace the binary with a vulnerable version:
sudo pkill postjournal
dpkg-deb -x packages/zimbra-core_8.8.15.GA.4177.UBUNTU20.64_amd64.deb /tmp/zimbra-core
sudo cp /tmp/zimbra-core/opt/zimbra/libexec/postjournal /opt/zimbra/libexec/postjournal
6️⃣ Enable & Restart Zimbra Services
♻️ Active postjournal
sudo su - zimbra
zmlocalconfig -e postjournal_enabled=true
zmcontrol restart
⚠️ Important: This setup is for security research and patch testing only. Ensure responsible disclosure and update your Zimbra server immediately! 🚀🔒