5 matches found
Zoho ManageEngine OpManager < 12.5.329 - Remote Code Execution
Zoho ManageEngine OpManager before 12.5.329 contains a remote code execution caused by a general bypass in the deserialization class, letting unauthenticated attackers execute arbitrary code, exploit requires no authentication id: CVE-2021-3287 info: name: Zoho ManageEngine OpManager 12.5.329 -...
CVE-2021-3287
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class...
ManageEngine OpManager SumPDU Java Deserialization
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine OpManager SumPDU Java Deserialization', 'Description' = %q An HTTP endpoint used by the Manage Engine OpManager Smart Update Manager...
CVE-2021-3287
creationtimestamp| type| source ---|---|--- 2021-09-20 17:34:16+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/opmanagersumpdudeserialization.rb 2024-01-06 12:19:00+00:00| seen| https://t.me/arpsyndicate/2532 2025-02-06 03:13:45+00:00| seen|...
CVE-2021-3287
CVE-2021-3287 affects Zoho ManageEngine OpManager before 12.5.329. A general bypass in the deserialization class enables unauthenticated remote code execution, allowing an attacker to run arbitrary code with the OpManager application’s privileges (no authentication required). Mitigation: update t...