Browse all 35 CVE security advisories affecting Zohocorp. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Zohocorp primarily develops and distributes web application servers, most notably the Zimbra Collaboration Suite, which facilitates enterprise email and document management. Security audits have identified thirty-five Common Vulnerabilities and Exposures (CVEs) associated with its software ecosystem. Historically, these flaws predominantly involve remote code execution and cross-site scripting, allowing attackers to bypass authentication or inject malicious scripts into web interfaces. Privilege escalation vulnerabilities have also been documented, enabling unauthorized users to gain administrative control over compromised systems. While no single catastrophic incident defines the company’s entire history, the recurring nature of these critical flaws highlights persistent challenges in input validation and access control within its legacy codebase. The accumulation of these CVEs underscores the necessity for rigorous patch management and continuous security monitoring for organizations relying on Zohocorp’s infrastructure, as unaddressed vulnerabilities remain a significant risk vector for data breaches and system compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-9435 | Path Traversal — ManageEngine ADManager PlusCWE-22 | 5.5 | Medium | 2026-01-13 |
| CVE-2025-11670 | NTLM Hash Exposure Vulnerability — ManageEngine ADManager PlusCWE-200 | 6.4 | Medium | 2025-12-15 |
| CVE-2025-10020 | Command Injection — ManageEngine ADManager PlusCWE-77 | 8.5 | High | 2025-10-21 |
This page lists every published CVE security advisory associated with Zohocorp. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.