Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
remote access vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2020-8422
An authorization issue exists in the Credential Manager feature in Zoho ManageEngine Remote Access Plus prior to 10.0.450. A user with the Guest role can extract the collection of all defined credentials of remote machines: the credential name, credential type, user name, domain/...
Zohocorp Manageengine Remote Access Plus
5
CVSSv2
CVE-2022-26653
Zoho ManageEngine Remote Access Plus prior to 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator).
Zohocorp Manageengine Remote Access Plus
5
CVSSv2
CVE-2022-26777
Zoho ManageEngine Remote Access Plus prior to 10.1.2137.15 allows guest users to view license details.
Zohocorp Manageengine Remote Access Plus
5
CVSSv2
CVE-2021-41827
Zoho ManageEngine Remote Access Plus prior to 10.1.2121.1 has hardcoded credentials for read-only access. The credentials are in the source code that corresponds to the DCBackupRestore JAR archive.
Zohocorp Manageengine Remote Access Plus
5
CVSSv2
CVE-2021-41828
Zoho ManageEngine Remote Access Plus prior to 10.1.2121.1 has hardcoded credentials associated with resetPWD.xml.
Zohocorp Manageengine Remote Access Plus
5
CVSSv2
CVE-2021-41829
Zoho ManageEngine Remote Access Plus prior to 10.1.2121.1 relies on the application's build number to calculate a certain encryption key.
Zohocorp Manageengine Remote Access Plus
3.5
CVSSv2
CVE-2019-16268
Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen.
Zohocorp Manageengine Remote Access Plus 10.0.259
6.5
CVSSv2
CVE-2019-11361
Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user permissions properly, allowing for privilege escalation and eventually a full application takeover.
Zohocorp Manageengine Remote Access Plus 10.0.258
4
CVSSv2
CVE-2019-20474
An issue exists in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role (read-only access) to use and abuse it. One of the abuses allows performing network and port...
Zohocorp Manageengine Remote Access Plus 10.0.447
10
CVSSv2
CVE-2016-9682
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI (/cgi-bin/diagnostics) component responsible for emailing out inf...
Dell Sonicwall Secure Remote Access Server 8.1.0.2-14sv
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »