2 matches found
CVE-2014-9371
The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object...
CVE-2014-9371
The affected software is ManageEngine Desktop Central MSP (on-premises). Affected component: NativeAppServlet, vulnerable to remote code execution through crafted JSON data. Root cause: failure to sanitize JSON input before processing, enabling arbitrary code execution with SYSTEM context. The vu...