Path traversal

2023-11-0307:15:00

PRIOn knowledge base

www.prio-n.com

manageengine mdm

path traversal

vulnerability

authentication bypass

system files

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.7%

JSON

NCSIST ManageEngine Mobile Device Manager(MDM) APP’s special function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and read arbitrary system files.

CPENameOperatorVersion
tronclass_ilearneq1.62.41849

CPE	Name	Operator	Version
	tronclass_ilearn	eq	1.62.41849

References

www.twcert.org.tw/tw/cp-132-7506-b4e29-1.html