CVE-2021-44077

Published: 29/11/2021 Updated: 08/08/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.

Vulnerable Product

zohocorp manageengine servicedesk plus 11.2

zohocorp manageengine servicedesk plus msp 10.5

zohocorp manageengine servicedesk plus 11.3

zohocorp manageengine servicedesk plus 11.1

zohocorp manageengine supportcenter plus

zohocorp manageengine servicedesk plus msp

zohocorp manageengine supportcenter plus 11.0

Exploits

This Metasploit module exploits CVE-2021-44077, an unauthenticated remote code execution vulnerability in ManageEngine ServiceDesk Plus, to upload an EXE (msiexec.exe) and execute it as the SYSTEM account. Note that build 11305 is vulnerable to the authentication bypass but not the file upload. The module will check for an exploitable build ...

Github Repositories

Golang Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus < 11306

Golang-CVE-2021-44077-POC: This exploit is an unauthenticated RCE in Zoho ManageEngine ServiceDesk Plus < 11306. You can find a vulnerable version of the software here: archives.manageengine.com/service-desk/11303/ManageEngine_ServiceDesk_Plus_64bit.exe. I couldn't find a Golang version of this, so here it is. My code isn't great, so proceed at your own ri

Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077

CVE-2021-44077: Proof of Concept Exploit for CVE-2021-44077: PreAuth RCE in ManageEngine ServiceDesk Plus < 11306. Based on: xz.aliyun.com/t/10631. CISA Advisory: www.cisa.gov/uscert/ncas/alerts/aa21-336a. Remediation (Update to build 11306 or later): www.manageengine.com/products/service-desk/security-response-plan.html. Tested on ManageEngine S

Recent Articles

China is likely stockpiling and deploying vulnerabilities, says Microsoft
The Register

Increase in espionage and cyberattacks since law requiring vulnerabilities first be reported to Beijing

Microsoft has asserted that China's offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities. China's 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard vulnerability information. A year later, researchers from the Atlantic Council found there was a decrease in reported vulne...