Lucene search
HistoryOct 21, 2014 - 3:55 p.m.
CVE-2014-5006
cve-2014-5006
zoho manageengine
desktop central
vulnerability
remote code execution
nvd
9.5 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.902 High
EPSS
Percentile
98.8%
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a … (dot dot) in the fileName parameter to mdm/mdmLogUploader.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zohocorp:manageengine_desktop_central | zohocorp manageengine desktop central | le | 9.0 |
Related
cvelist
cvelist
CVE-2014-5006
2014-10-21 15:00:00
prion
prion
Directory traversal
2014-10-21 15:55:00
checkpoint_advisories
checkpoint_advisories
zdi
zdi
openvas
openvas
zdt
zdt
ManageEngine Desktop Central - Arbitrary File Upload / RCE Vulnerabilities
2014-09-01 00:00:00
exploitpack
exploitpack
ManageEngine Desktop Central - Arbitrary File Upload Remote Code Execution
2014-09-01 00:00:00
nessus
nessus
ManageEngine Desktop Central Arbitrary File Upload and RCE (Safe Check)
2015-03-25 00:00:00
packetstorm
packetstorm
ManageEngine Desktop Central Remote Shell Upload
2014-08-31 00:00:00
seebug
seebug
ManageEngine Desktop Central - Arbitrary File Upload / RCE
2014-09-04 00:00:00
exploitdb
exploitdb
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
2014-09-01 00:00:00
9.5 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.902 High
EPSS
Percentile
98.8%
Related for CVE-2014-5006