Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-5005
HistoryOct 21, 2014 - 3:55 p.m.

CVE-2014-5005

2014-10-2115:55:00
CWE-22
[email protected]
web.nvd.nist.gov
58
cve
2014
5005
directory traversal
zoho
manageengine
desktop central
lfu action
statusupdate
vulnerability
security

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.972 High

EPSS

Percentile

99.8%

JSON

Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a … (dot dot) in the fileName parameter in an LFU action to statusUpdate.

Related

checkpoint_advisories 1
zdi 1
nessus 2
packetstorm 2
prion 2
cvelist 1
dsquare 1
openvas 1
cve 1
zdt 1
seebug 1
exploitpack 1
exploitdb 1
checkpoint_advisories
checkpoint_advisories
ManageEngine Desktop Central StatusUpdate Arbitrary File Upload (CVE-2014-5005)
2014-10-14 00:00:00
zdi
zdi
ManageEngine Desktop Central MSP StatusUpdateServlet fileName File Upload Remote Code Execution Vulnerability
2015-01-07 00:00:00
nessus
nessus
ManageEngine Desktop Central statusUpdate Arbitrary File Upload RCE (intrusive check)
2015-03-25 00:00:00
ManageEngine Desktop Central Arbitrary File Upload and RCE (Safe Check)
2015-03-25 00:00:00
packetstorm
packetstorm
ManageEngine Desktop Central StatusUpdate Arbitrary File Upload
2014-09-08 00:00:00
ManageEngine Desktop Central Remote Shell Upload
2014-08-31 00:00:00
prion
prion
Directory traversal
2014-10-21 15:55:00
Design/Logic Flaw
2020-02-17 19:15:00
cvelist
cvelist
CVE-2014-5005
2014-10-21 15:00:00
dsquare
dsquare
ManageEngine Desktop Central 9.0.0 File Upload
2014-09-01 00:00:00
openvas
openvas
Multiple ManageEngine Products 7.0 - 9.0.054 Arbitrary File Upload Vulnerability
2014-09-09 00:00:00
cve
cve
CVE-2014-9404
2020-02-17 19:15:00
zdt
zdt
ManageEngine Desktop Central - Arbitrary File Upload / RCE Vulnerabilities
2014-09-01 00:00:00
seebug
seebug
ManageEngine Desktop Central - Arbitrary File Upload / RCE
2014-09-04 00:00:00
exploitpack
exploitpack
ManageEngine Desktop Central - Arbitrary File Upload Remote Code Execution
2014-09-01 00:00:00
exploitdb
exploitdb
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
2014-09-01 00:00:00

9.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.972 High

EPSS

Percentile

99.8%

JSON
Related for CVE-2014-5005
checkpoint_advisories1zdi1nessus2packetstorm2prion2cvelist1dsquare1openvas1cve1zdt1seebug1exploitpack1exploitdb1