
CVE-2022-35405

Published: 19/07/2022 Updated: 08/08/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

Zoho ManageEngine Password Manager Pro prior to 12101 and PAM360 prior to 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus prior to 4303 with authentication.)

Vulnerability Trend

Vulnerable Product Search on Vulmon

zohocorp manageengine access manager plus 4.3

zohocorp manageengine access manager plus

zohocorp manageengine password manager pro

zohocorp manageengine password manager pro 12.1

zohocorp manageengine pam360

zohocorp manageengine pam360 5.5

Exploits

This Metasploit module exploits a Java deserialization vulnerability in Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510. Unauthenticated attackers can send a crafted XML-RPC request containing malicious serialized data to /xmlrpc to gain remote command execution as the SYSTEM user ...

Github Repositories

ManageEngine PAM360, Password Manager Pro, and Access Manager Plus unauthenticated remote code execution vulnerability PoC-exploit

CVE-2022-35405

Links: My blog post, Nuclei template, Other article

ManageEngine PAM360 and Password Manager Pro unauthenticated remote code execution vulnerability PoC (Access Manager Plus authenticated only :)

Product Name                         | Affected Version(s)      | Default port
PAM360                               | 5.5 (5500) and below     | 8282
Password Manager Pro                 | 12.1 (12100) and below   | 7272
Access Manager Plus (authenticated)  | 4