CVE-2014-5005

2014-10-21T11:55:06
ID CVE-2014-5005
Type cve
Reporter NVD
Modified 2014-10-24T09:16:23

Description

Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter in an LFU action to statusUpdate.