CVE ID: CVE-2020-7796 Severity: High (CVSS 7.5 – 8.2 depending on configuration) Affected Software: Zimbra Collaboration Suite (ZCS) versions prior to 8.8.15.patch7 and 8.8.12.patch11. Vulnerability Type: Unrestricted Upload of File with Dangerous Type (Remote Code Execution) Executive Summary CVE-2020-7796 represents a critical security vulnerability discovered in the Zimbra Collaboration Suite (ZCS), a popular email and collaboration platform used widely by enterprises and governments. This flaw allows an unauthenticated remote attacker to upload arbitrary files to the server. In specific configurations, this can lead to Remote Code Execution (RCE), granting the attacker full control over the mail server and access to sensitive email data. The Vulnerability Mechanism The core of CVE-2020-7796 lies in the improper validation of user input within the "mboximport" functionality. Blue 4k Activation Code Verified ✓