CVE-2014-5005

2014-10-21T15:55:00
ID CVE-2014-5005
Type cve
Reporter cve@mitre.org
Modified 2014-10-24T13:16:00

Description

Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter in an LFU action to statusUpdate.