430 matches found
Design/Logic Flaw
Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined...
Remote code execution
Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module...
ZOHO ManageEngine Desktop Central MSP 信息泄露漏洞
ZOHO ManageEngine Desktop Central MSP is a suite of desktop and mobile device management software for MSPs Managed Service Providers from ZOHO USA. The software enables MSPs to remotely manage desktops, servers, and mobile devices in their customer networks, and provides differentiated management...
ZOHO ManageEngine Desktop Central MSP 安全漏洞
ZOHO ManageEngine Desktop Central MSP is a suite of desktop and mobile device management software for MSPs Managed Service Providers from ZOHO. A security vulnerability exists in versions prior to Zoho ManageEngine Desktop Central 10.0.662, which is caused by a program that launches an executable...
ZOHO ManageEngine Desktop Central 安全漏洞
ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO, Inc. The solution includes software distribution, patch management, system configuration, remote control, and other functional modules to support the entire lifecycle of desktop and server management. properly...
CVE-2021-46164
Zoho ManageEngine Desktop Central is affected by a remote code execution vulnerability affecting versions before 10.0.662. An authenticated user with full access to the Reports module can trigger RCE. The available documents describe the affected product, the vulnerable component (Reports module)...
CVE-2021-46164
Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module...
CVE-2021-46164
Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module...
CVE-2021-46165
Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined...
CVE-2021-46165
CVE-2021-46165 affects Zoho ManageEngine Desktop Central prior to 10.0.662. At startup, the application launches an executable file from batch files, and the file path may be improperly defined, potentially enabling unauthorized execution. The NVD rating indicates high impact (C/H, I/H, A/H) with...
CVE-2021-46165
Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined...
CVE-2021-46166
CVE-2021-46166 affects Zoho ManageEngine Desktop Central prior to 10.0.662. The vulnerability allows authenticated users to disclose sensitive information from the database by visiting the Reports page. The available documents confirm an information-disclosure impact but do not provide exploit ve...
CVE-2021-46166
Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated users to obtain sensitive information from the database by visiting the Reports page...
CVE-2021-46166
Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated users to obtain sensitive information from the database by visiting the Reports page...
The vulnerability of the ManageEngine Desktop Central software for managing workstations via a web interface stems from deficiencies in the authentication process. This allows a perpetrator to bypass the authentication procedures and execute arbitrary code.
The vulnerability of the ManageEngine Desktop Central software for managing workstations via a web interface is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass the authentication process and execute arbitrary code...
CVE-2021-44515
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...
CVE-2021-44515
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...
CVE-2021-44515
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...
CVE-2021-44515
Zoho ManageEngine Desktop Central (and Desktop Central MSP) is affected by CVE-2021-44515, a authentication bypass that enables remote code execution on the server. Affected builds: Enterprise 10.1.2127.17 and earlier require upgrading to 10.1.2127.18; Enterprise 10.1.2128.0–10.1.2137.2 require 1...
VulnCheck KEV: CVE-2021-44515
Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server...