Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine firewall analyzer vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2017-14123
Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the server, an attacker can cause it to execute in the server context, as demon...
Zohocorp Manageengine Firewall Analyzer 12.2
668
VMScore
CVE-2019-11677
The Custom Report import function in Zoho ManageEngine Firewall Analyzer prior to 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection.
Zohocorp Manageengine Firewall Analyzer 7.2
Zohocorp Manageengine Firewall Analyzer 8.5
Zohocorp Manageengine Firewall Analyzer 12.2
Zohocorp Manageengine Firewall Analyzer 12.3
Zohocorp Manageengine Firewall Analyzer 7.4
Zohocorp Manageengine Firewall Analyzer 8.0
Zohocorp Manageengine Firewall Analyzer 7.6
Zohocorp Manageengine Firewall Analyzer 8.1
Zohocorp Manageengine Firewall Analyzer 8.3
Zohocorp Manageengine Firewall Analyzer 12.0
668
VMScore
CVE-2019-11678
The "default reports" feature in Zoho ManageEngine Firewall Analyzer prior to 12.3 Build 123218 is vulnerable to SQL Injection.
Zohocorp Manageengine Firewall Analyzer 7.6
Zohocorp Manageengine Firewall Analyzer 8.3
Zohocorp Manageengine Firewall Analyzer 12.3
Zohocorp Manageengine Firewall Analyzer 7.2
Zohocorp Manageengine Firewall Analyzer 7.4
Zohocorp Manageengine Firewall Analyzer 8.0
Zohocorp Manageengine Firewall Analyzer 12.0
Zohocorp Manageengine Firewall Analyzer 12.2
Zohocorp Manageengine Firewall Analyzer 8.1
Zohocorp Manageengine Firewall Analyzer 8.5
641
VMScore
CVE-2019-17421
Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload.
Zohocorp Manageengine Firewall Analyzer 12.4
Zohocorp Manageengine Opmanager 12.4
641
VMScore
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current di...
Zohocorp Manageengine Mobile Device Manager Plus 9.0.0
Zohocorp Manageengine Patch Connect Plus 9.0.0
Zohocorp Manageengine Vulnerability Manager Plus 9.0.0
Zohocorp Manageengine Patch Manager Plus 9.0.0
Zohocorp Manageengine Browser Security Plus -
Zohocorp Manageengine Eventlog Analyzer 12.0.2
Zohocorp Manageengine Supportcenter Plus 8.1
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Oputils 11.0
Zohocorp Manageengine Desktop Central 10.0.380
Zohocorp Manageengine Firewall 12.0
Zohocorp Manageengine Key Manager Plus 5.6
Zohocorp Manageengine Password Manager Pro 9.9
Zohocorp Manageengine Analytics Plus 1.0
Zohocorp Manageengine Servicedesk Plus 10.0.0
Zohocorp Manageengine O365 Manager Plus 4.0
Zohocorp Manageengine Netflow Analyzer 11.0
Zohocorp Manageengine Network Configuration Manager 11.0
455
VMScore
CVE-2012-4889
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab parameter to mindex.do; (6) t...
Manageengine Firewall Analyzer 7.2
5 EDB exploits
445
VMScore
CVE-2018-17283
Zoho ManageEngine OpManager prior to 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser o...
Zohocorp Manageengine Opmanager
445
VMScore
CVE-2018-12997
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows malicious u...
Zohocorp Manageengine Netflow Analyzer -
Zohocorp Firewall Analyzer -
Zohocorp Manageengine Opmanager -
Zohocorp Manageengine Oputils -
Zohocorp Manageengine Network Configuration Manager -
445
VMScore
CVE-2015-7781
ManageEngine Firewall Analyzer prior to 8.0 does not restrict access permissions.
Zohocorp Manageengine Firewall Analyzer
435
VMScore
CVE-2012-4891
Cross-site scripting (XSS) vulnerability in fw/index2.do in ManageEngine Firewall Analyzer 7.2 allows remote malicious users to inject arbitrary web script or HTML via the url parameter, a different vector than CVE-2012-4889. NOTE: the provenance of this information is unknown; t...
Manageengine Firewall Analyzer 7.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »