Share
## https://sploitus.com/exploit?id=DB5E7402-168E-5C80-9140-6489A3467769
# CVE-2025-68645 - Zimbra Path Traversal Vulnerability

[![Security](https://img.shields.io/badge/Severity-High-red)]()
[![CVE](https://img.shields.io/badge/CVE-2025--68645-blue)]()
[![Python](https://img.shields.io/badge/Python-3.7%2B-green)]()
[![License](https://img.shields.io/badge/License-MIT-yellow.svg)]()
[![Status](https://img.shields.io/badge/Status-Proof%20of%20Concept-orange)]()

## ๐Ÿ“‹ Overview

**CVE-2025-68645** is a path traversal vulnerability in **Zimbra Collaboration Suite** that allows unauthenticated attackers to read arbitrary files from the server's filesystem.

### Vulnerable Endpoint
/h/printconversations?javax.servlet.include.servlet_path=


## ๐ŸŽฏ Impact

| Impact | Severity |
|--------|----------|
| Unauthenticated file read | ๐Ÿ”ด High |
| Configuration disclosure | ๐Ÿ”ด High |
| Credential leakage | ๐Ÿ”ด High |
| Internal network mapping | ๐ŸŸ  Medium |

## ๐Ÿ“ Readable Files

| Path | Information Exposed |
|------|---------------------|
| `/WEB-INF/web.xml` | Servlet mappings, security constraints |
| `/WEB-INF/zcs.web.xml` | Zimbra-specific configuration |
| `/opt/zimbra/conf/localconfig.xml` | LDAP credentials, database passwords |
| `/opt/zimbra/conf/ldap-config.xml` | LDAP server configuration |
| `/opt/zimbra/conf/attrs/zimbra-attrs.xml` | System attributes |
| `/WEB-INF/classes/logging.properties` | Logging configuration |