Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-44675
Zoho ManageEngine ServiceDesk Plus MSP prior to 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus Msp
7.5
CVSSv2
CVE-2021-44676
Zoho ManageEngine Access Manager Plus prior to 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state.
Zohocorp Manageengine Access Manager Plus 4.2
Zohocorp Manageengine Access Manager Plus 4.1
7.5
CVSSv2
CVE-2021-44514
OpUtils in Zoho ManageEngine OpManager 12.5 prior to 125490 mishandles authentication for a few audit directories.
Zohocorp Manageengine Opmanager 12.5
7.5
CVSSv2
CVE-2021-42099
Zoho ManageEngine M365 Manager Plus prior to 4421 is vulnerable to file-upload remote code execution.
Zohocorp Manageengine M365 Manager Plus -
Zohocorp Manageengine M365 Manager Plus Build 4000
Zohocorp Manageengine M365 Manager Plus Build 4001
Zohocorp Manageengine M365 Manager Plus Build 4002
Zohocorp Manageengine M365 Manager Plus Build 4003
Zohocorp Manageengine M365 Manager Plus Build 4004
Zohocorp Manageengine M365 Manager Plus Build 4005
Zohocorp Manageengine M365 Manager Plus Build 4007
Zohocorp Manageengine M365 Manager Plus Build 4008
Zohocorp Manageengine M365 Manager Plus Build 4009
Zohocorp Manageengine M365 Manager Plus Build 4010
Zohocorp Manageengine M365 Manager Plus Build 4011
Zohocorp Manageengine M365 Manager Plus Build 4012
Zohocorp Manageengine M365 Manager Plus Build 4013
Zohocorp Manageengine M365 Manager Plus Build 4014
Zohocorp Manageengine M365 Manager Plus Build 4100
Zohocorp Manageengine M365 Manager Plus Build 4101
Zohocorp Manageengine M365 Manager Plus Build 4102
Zohocorp Manageengine M365 Manager Plus Build 4103
Zohocorp Manageengine M365 Manager Plus Build 4104
Zohocorp Manageengine M365 Manager Plus Build 4105
Zohocorp Manageengine M365 Manager Plus Build 4106
7.5
CVSSv2
CVE-2021-43319
Zoho ManageEngine Network Configuration Manager prior to 125488 is vulnerable to command injection due to improper validation in the Ping functionality.
Zohocorp Manageengine Network Configuration Manager 11.0
Zohocorp Manageengine Network Configuration Manager 12.0
Zohocorp Manageengine Network Configuration Manager 12.1
Zohocorp Manageengine Network Configuration Manager 12.2
Zohocorp Manageengine Network Configuration Manager 12.3
Zohocorp Manageengine Network Configuration Manager 12.4
Zohocorp Manageengine Network Configuration Manager 12.5
7.5
CVSSv2
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus 11.3
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
2 Github repositories
1 Article
7.5
CVSSv2
CVE-2021-41833
Zoho ManageEngine Patch Connect Plus prior to 90099 is vulnerable to unauthenticated remote code execution.
Zohocorp Manageengine Patch Connect Plus
Zohocorp Manageengine Patch Connect Plus 9.0.0
7.5
CVSSv2
CVE-2021-42002
Zoho ManageEngine ADManager Plus prior to 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
7.5
CVSSv2
CVE-2021-41080
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
7.5
CVSSv2
CVE-2021-42847
Zoho ManageEngine ADAudit Plus prior to 7006 allows malicious users to write to, and execute, arbitrary files.
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »