5 matches found
ManageEngine OpManager SumPDU Java Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine OpManager SumPDU Java Deserialization', 'Description' = %q An HTTP endpoint used by the Manage Engine OpManager Smart Update Manager...
Exploit for CVE-2020-2853
Manage Engine OpManager CVE-2020-28653 Proof of Concept This...
CVE-2020-28653
creationtimestamp| type| source ---|---|--- 2021-02-03 18:49:33+00:00| seen| https://t.me/cibsecurity/23028 2021-09-20 17:34:16+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/opmanagersumpdudeserialization.rb 2025-02-06 03:13:44+00:00| seen|...
CVE-2020-28653
CVE-2020-28653 affects ManageEngine OpManager SumPDU Java Deserialization in OpManager 12.1–12.5.x prior to build 125203 (released before 125233). The SUMPDU servlet allows unauthenticated remote code execution via deserialization of arbitrary Java objects, enabling remote code execution on the s...
CVE-2020-28653
Zoho ManageEngine OpManager Stable build before 125203 and Released build before 125233 allows Remote Code Execution via the Smart Update Manager SUM servlet...