Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine opmanager msp vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-43473
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve a malicious XML payload to trigger this vulnerability.
Zohocorp Manageengine Opmanager 12.6
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager Plus 12.6
Zohocorp Manageengine Opmanager Plus
Zohocorp Manageengine Opmanager Msp 12.6
Zohocorp Manageengine Opmanager Msp
8.8
CVSSv3
CVE-2022-38772
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils prior to 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Oputils 12.6
Zohocorp Manageengine Oputils 12.5
Zohocorp Manageengine Netflow Analyzer 12.6
Zohocorp Manageengine Network Configuration Manager 12.6
Zohocorp Manageengine Opmanager 12.6
Zohocorp Manageengine Opmanager Msp 12.5
Zohocorp Manageengine Opmanager Plus 12.6
Zohocorp Manageengine Opmanager Plus 12.5
Zohocorp Manageengine Opmanager Msp 12.6
8.6
CVSSv3
CVE-2023-47211
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.7
Zohocorp Manageengine Oputils
Zohocorp Manageengine Oputils 12.7
Zohocorp Manageengine Firewall Analyzer 12.7
Zohocorp Manageengine Firewall Analyzer
Zohocorp Manageengine Netflow Analyzer 12.7
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Network Configuration Manager 12.7
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Opmanager Msp 12.7
Zohocorp Manageengine Opmanager Msp
Zohocorp Manageengine Opmanager Plus 12.7
Zohocorp Manageengine Opmanager Plus
7.5
CVSSv3
CVE-2022-36923
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils prior to 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated malicious users to obtain a user's AP...
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Firewall Analyzer 12.5
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Oputils 12.6
Zohocorp Manageengine Oputils 12.5
Zohocorp Manageengine Firewall Analyzer 12.6
Zohocorp Manageengine Netflow Analyzer 12.6
Zohocorp Manageengine Network Configuration Manager 12.6
Zohocorp Manageengine Opmanager 12.6
Zohocorp Manageengine Opmanager Msp 12.5
Zohocorp Manageengine Opmanager Plus 12.6
Zohocorp Manageengine Opmanager Plus 12.5
Zohocorp Manageengine Opmanager Msp 12.6
1 Github repository
8.8
CVSSv3
CVE-2022-37024
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils prior to 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execut...
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Firewall Analyzer 12.5
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Oputils 12.6
Zohocorp Manageengine Oputils 12.5
Zohocorp Manageengine Firewall Analyzer 12.6
Zohocorp Manageengine Netflow Analyzer 12.6
Zohocorp Manageengine Network Configuration Manager 12.6
Zohocorp Manageengine Opmanager 12.6
Zohocorp Manageengine Opmanager Msp 12.5
Zohocorp Manageengine Opmanager Plus 12.6
Zohocorp Manageengine Opmanager Plus 12.5
Zohocorp Manageengine Opmanager Msp 12.6
5.5
CVSSv3
CVE-2023-6105
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt prod...
Zohocorp Manageengine Mobile Device Manager Plus 10.1.2207.4
Zohocorp Manageengine Appcreator
Zohocorp Manageengine Analytics Plus
Zohocorp Manageengine Endpoint Central Msp
Zohocorp Manageengine Endpoint Central
Zohocorp Manageengine Remote Monitoring And Management
Zohocorp Manageengine Os Deployer
Zohocorp Manageengine Remote Access Plus
Zohocorp Manageengine Mobile Device Manager Plus
Zohocorp Manageengine Application Control Plus
Zohocorp Manageengine Vulnerability Manager Plus
Zohocorp Manageengine Browser Security Plus
Zohocorp Manageengine Patch Manager Plus
Zohocorp Manageengine Device Control Plus
Zohocorp Manageengine Endpoint Dlp Plus
Zohocorp Manageengine Adselfservice Plus 6.3
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.2
Zohocorp Manageengine Adaudit Plus 7.2
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Cloud Security Plus 4.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started