Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opmanager msp vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-43473
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve a malicious XML payload to trigger this vulnerability.
Zohocorp Manageengine Opmanager 12.6
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager Plus 12.6
Zohocorp Manageengine Opmanager Plus
Zohocorp Manageengine Opmanager Msp 12.6
Zohocorp Manageengine Opmanager Msp
NA
CVE-2007-5891
Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) requestid, (2) fileid, (3) woMode, and (2) woID parameters. NOTE: the proven...
Manageengine Opmanager Msp
Manageengine Opmanager 7.0
8.8
CVSSv3
CVE-2022-38772
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils prior to 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Netflow Analyzer 12.6
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Network Configuration Manager 12.6
Zohocorp Manageengine Oputils 12.5
Zohocorp Manageengine Oputils 12.6
Zohocorp Manageengine Opmanager 12.6
Zohocorp Manageengine Opmanager Msp 12.6
Zohocorp Manageengine Opmanager Msp 12.5
Zohocorp Manageengine Opmanager Plus 12.6
Zohocorp Manageengine Opmanager Plus 12.5
8.6
CVSSv3
CVE-2023-47211
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.7
Zohocorp Manageengine Oputils
Zohocorp Manageengine Oputils 12.7
Zohocorp Manageengine Firewall Analyzer 12.7
Zohocorp Manageengine Firewall Analyzer
Zohocorp Manageengine Netflow Analyzer 12.7
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Network Configuration Manager 12.7
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Opmanager Msp 12.7
Zohocorp Manageengine Opmanager Msp
Zohocorp Manageengine Opmanager Plus 12.7
Zohocorp Manageengine Opmanager Plus
8.8
CVSSv3
CVE-2022-37024
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils prior to 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execut...
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Firewall Analyzer 12.5
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Oputils 12.5
Zohocorp Manageengine Oputils 12.6
Zohocorp Manageengine Firewall Analyzer 12.6
Zohocorp Manageengine Netflow Analyzer 12.6
Zohocorp Manageengine Network Configuration Manager 12.6
Zohocorp Manageengine Opmanager 12.6
Zohocorp Manageengine Opmanager Msp 12.5
Zohocorp Manageengine Opmanager Msp 12.6
Zohocorp Manageengine Opmanager Plus 12.5
Zohocorp Manageengine Opmanager Plus 12.6
7.5
CVSSv3
CVE-2022-36923
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils prior to 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated malicious users to obtain a user's AP...
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Oputils 12.6
Zohocorp Manageengine Oputils 12.5
Zohocorp Manageengine Firewall Analyzer 12.5
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Firewall Analyzer 12.6
Zohocorp Manageengine Netflow Analyzer 12.6
Zohocorp Manageengine Network Configuration Manager 12.6
Zohocorp Manageengine Opmanager 12.6
Zohocorp Manageengine Opmanager Msp 12.5
Zohocorp Manageengine Opmanager Plus 12.6
Zohocorp Manageengine Opmanager Plus 12.5
Zohocorp Manageengine Opmanager Msp 12.6
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started