ghen wrote:Yes, we did the same on 8.8.15 (we don't want to go to P33 yet because of this regression).
Code: Select all
# block MailboxImportServlet requests for CVE-2022-37042 exploit location = /service/extension/backup/mboximport { return 403; }
Hi Ghen
first of all thanks for your tips. Just a question: you are on Network edition right? Because I'm trying the "curl" command and get a 404 instead of 401 . I tried both on 8.8.15 patch 31 OSS and 9 OSS. It seems only NE is affected. Can you confirm?