Lucene search
K

430 matches found

Prion
Prion
added 2022/01/10 2:11 p.m.21 views

Design/Logic Flaw

Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined...

4.6CVSS7.6AI score0.00469EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/01/10 2:11 p.m.14 views

Remote code execution

Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module...

6.5CVSS8.8AI score0.07136EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.5 views

ZOHO ManageEngine Desktop Central MSP 信息泄露漏洞

ZOHO ManageEngine Desktop Central MSP is a suite of desktop and mobile device management software for MSPs Managed Service Providers from ZOHO USA. The software enables MSPs to remotely manage desktops, servers, and mobile devices in their customer networks, and provides differentiated management...

6.5CVSS5.6AI score0.02759EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.6 views

ZOHO ManageEngine Desktop Central MSP 安全漏洞

ZOHO ManageEngine Desktop Central MSP is a suite of desktop and mobile device management software for MSPs Managed Service Providers from ZOHO. A security vulnerability exists in versions prior to Zoho ManageEngine Desktop Central 10.0.662, which is caused by a program that launches an executable...

7.8CVSS5.5AI score0.00469EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.6 views

ZOHO ManageEngine Desktop Central 安全漏洞

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO, Inc. The solution includes software distribution, patch management, system configuration, remote control, and other functional modules to support the entire lifecycle of desktop and server management. properly...

8.8CVSS5.8AI score0.07136EPSS
Exploits0References1
CVE
CVE
added 2022/01/09 12:26 a.m.63 views

CVE-2021-46164

Zoho ManageEngine Desktop Central is affected by a remote code execution vulnerability affecting versions before 10.0.662. An authenticated user with full access to the Reports module can trigger RCE. The available documents describe the affected product, the vulnerable component (Reports module)...

8.8CVSS8.9AI score0.07136EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/01/09 12:26 a.m.31 views

CVE-2021-46164

Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module...

9.2AI score0.07136EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/01/09 12:26 a.m.6 views

CVE-2021-46164

Zoho ManageEngine Desktop Central before 10.0.662 allows remote code execution by an authenticated user who has complete access to the Reports module...

8.8CVSS8.4AI score0.07136EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/01/09 12:26 a.m.23 views

CVE-2021-46165

Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined...

7.8AI score0.00469EPSS
Exploits0References1
CVE
CVE
added 2022/01/09 12:26 a.m.62 views

CVE-2021-46165

CVE-2021-46165 affects Zoho ManageEngine Desktop Central prior to 10.0.662. At startup, the application launches an executable file from batch files, and the file path may be improperly defined, potentially enabling unauthorized execution. The NVD rating indicates high impact (C/H, I/H, A/H) with...

7.8CVSS7.6AI score0.00469EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/09 12:26 a.m.6 views

CVE-2021-46165

Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined...

7.8CVSS7.2AI score0.00469EPSS
Exploits0References2
CVE
CVE
added 2022/01/09 12:25 a.m.58 views

CVE-2021-46166

CVE-2021-46166 affects Zoho ManageEngine Desktop Central prior to 10.0.662. The vulnerability allows authenticated users to disclose sensitive information from the database by visiting the Reports page. The available documents confirm an information-disclosure impact but do not provide exploit ve...

6.5CVSS6.1AI score0.02759EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/09 12:25 a.m.7 views

CVE-2021-46166

Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated users to obtain sensitive information from the database by visiting the Reports page...

6.5CVSS6.5AI score0.02759EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/01/09 12:25 a.m.21 views

CVE-2021-46166

Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated users to obtain sensitive information from the database by visiting the Reports page...

6.4AI score0.02759EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/12/20 12:0 a.m.5 views

The vulnerability of the ManageEngine Desktop Central software for managing workstations via a web interface stems from deficiencies in the authentication process. This allows a perpetrator to bypass the authentication procedures and execute arbitrary code.

The vulnerability of the ManageEngine Desktop Central software for managing workstations via a web interface is related to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to bypass the authentication process and execute arbitrary code...

10CVSS8.4AI score0.99867EPSS
Exploits2References5Affected Software1
OSV
OSV
added 2021/12/12 5:15 a.m.3 views

CVE-2021-44515

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...

9.8CVSS7.8AI score0.99867EPSS
Exploits2References4
NVD
NVD
added 2021/12/12 5:15 a.m.18 views

CVE-2021-44515

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...

10CVSS0.99867EPSS
Exploits2References4
Cvelist
Cvelist
added 2021/12/12 4:4 a.m.36 views

CVE-2021-44515

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...

9.9AI score0.99867EPSS
Exploits2References3
CVE
CVE
added 2021/12/12 4:4 a.m.1103 views

CVE-2021-44515

Zoho ManageEngine Desktop Central (and Desktop Central MSP) is affected by CVE-2021-44515, a authentication bypass that enables remote code execution on the server. Affected builds: Enterprise 10.1.2127.17 and earlier require upgrading to 10.1.2127.18; Enterprise 10.1.2128.0–10.1.2137.2 require 1...

10CVSS9.6AI score0.99867EPSS
In wildExploits2References4Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2021/12/10 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-44515

Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server...

10CVSS7.8AI score0.99867EPSS
Exploits2References1
Rows per page
Query Builder