CVE-2025-68645
HIGH KEV NUCLEI
Zimbra Collaboration Suite 10.0.0-10.0.17 - Unauthenticated Local File Inclusion via RestFilter Servlet
Title source: llm
Exploitation Summary
CVE-2025-68645 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added January 22, 2026. EIP tracks 8 public exploits from researchers including iSee857, chinaxploiter, HarisAidhin. A Nuclei detection template is also available.
Description
A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory.
Exploits (8)
The repository contains a Python script designed to scan for CVE-2025-68645, a local file inclusion vulnerability in Zimbra Collaboration. It checks for the presence of 'context-param' and 'param-value' in the response from '/h/rest?javax.servlet.include.servlet_path=/WEB-INF/web.xml'.
The repository contains obfuscated Python code using PyArmor, which is highly suspicious and indicative of malicious intent. The lack of clear exploit details and the use of obfuscation suggest this is a deceptive payload rather than a legitimate PoC.
The repository contains a Python-based scanner for detecting CVE-2025-68645, a Local File Inclusion (LFI) vulnerability in Zimbra Collaboration Suite. It tests multiple payloads against various endpoints to confirm vulnerability but does not include exploit code for actual file retrieval or further exploitation.
This repository contains a Python-based scanner for detecting CVE-2025-68645, an LFI vulnerability in Zimbra Collaboration Suite via the `/h/printcalendar` endpoint. It tests multiple payloads to identify improper path normalization in the `javax.servlet.include.servlet_path` parameter.
This repository contains a Python-based scanner for detecting CVE-2025-68645, an LFI vulnerability in Zimbra Collaboration Suite via the `/h/printcalendar` endpoint. It tests multiple payloads to identify improper path normalization but does not include exploit code for actual file inclusion.
This repository provides defensive security content for CVE-2025-68645, an LFI vulnerability in Zimbra Classic UI. It includes detection rules, mitigation guidance, and advisory details but explicitly excludes exploit code.
This repository provides a detailed technical analysis of CVE-2025-68645, an LFI vulnerability in Zimbra Collaboration's Webmail Classic UI due to improper input validation in the RestFilter servlet. It includes a PoC request, affected versions, remediation steps, and references.
Nuclei Templates (1)
http.title:"Zimbra Collaboration Suite"
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H