CVE-2026-2740

Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency...

CVE-2026-2740

Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency...

EUVD-2026-31283

Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency...

CVE-2026-2740

This CVE affects Zohocorp ManageEngine ADSelfService Plus (before 6525), DataSecurity Plus (before 6264), and RecoveryManager Plus (before 6313). Root cause: a bug in a third‑party dependency leading to Authenticated Remote Code Execution on agent machines. Affected products expose a high impact ...

CVE-2026-2740 Remote Code Execution

Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency...

ZOHO多款产品 命令注入漏洞

ZOHO ManageEngine DataSecurity Plus is a product of the American company ZOHO. ZOHO ManageEngine DataSecurity Plus is a sensitive data management solution. ZOHO ManageEngine ADSelfService Plus is an integrated self-service password management and single-sign-on solution for Active Directory and...

PT-2026-42464

Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent machines due to the bug in the 3rd party dependency...

CVE-2023-48646

Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users to execute arbitrary commands via proxy settings...

CVE-2023-48646

Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users to execute arbitrary commands via proxy settings...

CVE-2023-48646

Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users to execute arbitrary commands via proxy settings...

CVE-2023-48646

Zoho ManageEngine RecoveryManager Plus before 6070 is affected by a command-injection vulnerability that allows admin users to execute arbitrary commands via proxy settings. The root cause is improper handling/neutralization of input in the affected component (getEscapedValue) and related proxy c...

CVE-2023-48646

Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users to execute arbitrary commands via proxy settings...

PT-2023-7559 · Zoho · Zoho Manageengine Recovery Manager Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine RecoveryManager Plus versions prior to 6070 Description: The issue allows admin users to execute arbitrary commands via proxy settings. This is due to a failure to neutralize special elements, which can be exploited by a...

ZOHO ManageEngine RecoveryManager Plus Security Vulnerability

ZOHO ManageEngine RecoveryManager Plus is a backup and recovery solution from ZOHO, Inc. A security vulnerability exists in ZOHO ManageEngine RecoveryManager Plus versions prior to 6070 that originates from allowing an administrator user to execute arbitrary commands via proxy settings...