ManageEngine Eventlog Analyzer Arbitrary File Upload

This module exploits a file upload vulnerability in ManageEngine Eventlog Analyzer. The vulnerability exists in the agentUpload servlet which accepts unauthenticated file uploads and handles zip file contents in an insecure way. By combining both weaknesses a remote attacker can achieve remote co...