Lucene search
China National Vulnerability DatabaseCNVD-2022-09267HistoryOct 08, 2021 - 12:00 a.m.
Zoho ManageEngine Remote Access Plus Trust Management Issue Vulnerability
2021-10-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
zoho
manageengine
remote access
trust management
vulnerability
hard-coded credentials
exploitation
unauthorized access
special request
system security
EPSS
0.027
Percentile
90.7%
ZOHO ManageEngine Remote Access Plus is a remote access solution from ZOHO, Inc. A trust management issue vulnerability previously existed in Zoho ManageEngine Remote Access Plus 10.1.2121.1, which stems from the fact that the affected product has hard-coded credentials associated with resetPWD.xml associated with hard-coded credentials, which could be exploited by an attacker to submit a special request for unauthorized access to the system.
Related
cvelist
cvelist
CVE-2021-41828
2021-09-30 02:36:04
prion
prion
Hardcoded credentials
2021-09-30 03:15:00
cve
cve
CVE-2021-41828
2021-09-30 03:15:06
nvd
nvd
CVE-2021-41828
2021-09-30 03:15:06