Lucene search
HistoryOct 21, 2014 - 3:55 p.m.
CVE-2014-5006
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.893 High
EPSS
Percentile
98.8%
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a … (dot dot) in the fileName parameter to mdm/mdmLogUploader.
Affected configurations
Node
zohocorpmanageengine_desktop_centralRange≤9.0
Related
cve
cve
CVE-2014-5006
2014-10-21 15:55:06
prion
prion
Directory traversal
2014-10-21 15:55:00
cvelist
cvelist
CVE-2014-5006
2014-10-21 15:00:00
zdi
zdi
checkpoint_advisories
checkpoint_advisories
openvas
openvas
zdt
zdt
ManageEngine Desktop Central - Arbitrary File Upload / RCE Vulnerabilities
2014-09-01 00:00:00
exploitpack
exploitpack
ManageEngine Desktop Central - Arbitrary File Upload Remote Code Execution
2014-09-01 00:00:00
packetstorm
packetstorm
ManageEngine Desktop Central Remote Shell Upload
2014-08-31 00:00:00
seebug
seebug
ManageEngine Desktop Central - Arbitrary File Upload / RCE
2014-09-04 00:00:00
nessus
nessus
ManageEngine Desktop Central Arbitrary File Upload and RCE (Safe Check)
2015-03-25 00:00:00
exploitdb
exploitdb
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
2014-09-01 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.893 High
EPSS
Percentile
98.8%
Related for NVD:CVE-2014-5006