ZOHO ManageEngine Remote Access Plus, a remote access solution from ZOHO, Inc. is vulnerable to a password reset vulnerability in ZOHO ManageEngine Remote Access Plus Server prior to version 10.1.2132, which stems from an unauthorized password reset mechanism. An attacker could use this vulnerability to reset the password of the server administrator account.