The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote malicious users to upload and execute arbitrary files via the ConnectionId parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
manageengine desktop central 9.0 |