Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp desktop central vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2018-5338
An issue exists in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism.
Zohocorp Manageengine Desktop Central 10.0.184
Zohocorp Manageengine Desktop Central 10.0.124
641
VMScore
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current di...
Zohocorp Manageengine Mobile Device Manager Plus 9.0.0
Zohocorp Manageengine Patch Connect Plus 9.0.0
Zohocorp Manageengine Vulnerability Manager Plus 9.0.0
Zohocorp Manageengine Patch Manager Plus 9.0.0
Zohocorp Manageengine Browser Security Plus -
Zohocorp Manageengine Eventlog Analyzer 12.0.2
Zohocorp Manageengine Supportcenter Plus 8.1
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Oputils 11.0
Zohocorp Manageengine Desktop Central 10.0.380
Zohocorp Manageengine Firewall 12.0
Zohocorp Manageengine Key Manager Plus 5.6
Zohocorp Manageengine Password Manager Pro 9.9
Zohocorp Manageengine Analytics Plus 1.0
Zohocorp Manageengine Servicedesk Plus 10.0.0
Zohocorp Manageengine O365 Manager Plus 4.0
Zohocorp Manageengine Netflow Analyzer 11.0
Zohocorp Manageengine Network Configuration Manager 11.0
641
VMScore
CVE-2018-13412
An issue exists in the Self Service Portal in Zoho ManageEngine Desktop Central prior to 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version.
Zohocorp Manageengine Desktop Central
1 Github repository
614
VMScore
CVE-2020-9367
The MPS Agent in Zoho ManageEngine Desktop Central MSP build MSP build 10.0.486 is vulnerable to DLL Hijacking: dcinventory.exe and dcconfig.exe try to load CSUNSAPI.dll without supplying the complete path. The issue is aggravated because this DLL is missing from the installation...
Zohocorp Manageengine Desktop Central 10.0.486
605
VMScore
CVE-2020-15589
A design issue exists in GetInternetRequestHandle, InternetSendRequestEx and InternetSendRequestByBitrate in the client side of Zoho ManageEngine Desktop Central 10.0.552.W and Remote Access Plus prior to 10.1.2119.1. By exploiting this issue, an attacker-controlled server can fo...
Zohocorp Manageengine Desktop Central 10.0.552.w
Zohocorp Manageengine Remote Access Plus
1 Github repository
578
VMScore
CVE-2021-46164
Zoho ManageEngine Desktop Central prior to 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module.
Zohocorp Manageengine Desktop Central
578
VMScore
CVE-2018-5340
An issue exists in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account (specifically, an account with permission to write to the filesystem via SQL queries).
Zohocorp Manageengine Desktop Central 10.0.124
Zohocorp Manageengine Desktop Central 10.0.184
578
VMScore
CVE-2018-5342
An issue exists in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: network services (Desktop Central and PostgreSQL) running with a superuser account.
Zohocorp Manageengine Desktop Central 10.0.184
Zohocorp Manageengine Desktop Central 10.0.124
570
VMScore
CVE-2021-44757
Zoho ManageEngine Desktop Central prior to 10.1.2137.9 and Desktop Central MSP prior to 10.1.2137.9 allow malicious users to bypass authentication, and read sensitive information or upload an arbitrary ZIP archive to the server.
Zohocorp Manageengine Desktop Central
Zohocorp Manageengine Desktop Central Managed Service Providers
570
VMScore
CVE-2020-28050
Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret from multiple agents to communicate with the server.
Zohocorp Manageengine Desktop Central
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »