Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-51061

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.08667EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2025/08/20 12:0 a.m.174 views

CVE-2021-44515

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...

10CVSS9.6AI score0.99867EPSS
In wildExploits2References4
NVD
NVD
added 2023/02/25 9:15 p.m.22 views

CVE-2022-48362

Zoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2 allow directory traversal via computerName to AgentLogUploadServlet. A remote, authenticated attacker could upload arbitrary code that would be executed when Desktop Central is restarted. The attacker could authenticate ...

8.8CVSS9.4AI score0.08667EPSS
Exploits1References2
Prion
Prion
added 2023/02/25 9:15 p.m.35 views

Directory traversal

Zoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2 allow directory traversal via computerName to AgentLogUploadServlet. A remote, authenticated attacker could upload arbitrary code that would be executed when Desktop Central is restarted. The attacker could authenticate ...

6.5CVSS9.3AI score0.99867EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2023/02/25 12:0 a.m.31 views

CVE-2022-48362

Zoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2 allow directory traversal via computerName to AgentLogUploadServlet. A remote, authenticated attacker could upload arbitrary code that would be executed when Desktop Central is restarted. The attacker could authenticate ...

9.5AI score0.08667EPSS
Exploits1References2
Check Point Advisories
Check Point Advisories
added 2022/03/16 12:0 a.m.10 views

Zoho ManageEngine Desktop Central Authentication Bypass (CVE-2021-44515)

An authentication bypass vulnerability exists in Zoho ManageEngine Desktop Central. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

10CVSS8.8AI score0.99867EPSS
Exploits2
The Hacker News
The Hacker News
added 2022/01/18 5:13 a.m.142 views

Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central

Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of...

10CVSS2.2AI score0.99867EPSS
Exploits16
ThreatPost
ThreatPost
added 2021/12/21 2:42 p.m.70 views

FBI: Another Zoho ManageEngine Zero-Day Under Active Attack

Another Zoho ManageEngine zero-day vulnerability is under active attack from an APT group, this time looking to override legitimate functions of servers running ManageEngine Desktop Central and elevate privileges — with an ultimate goal of dropping malware onto organizations’ networks, the FBI ha...

10CVSS10AI score0.99867EPSS
Exploits16References14
NVD
NVD
added 2021/12/12 5:15 a.m.18 views

CVE-2021-44515

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...

10CVSS0.99867EPSS
Exploits2References4
Cvelist
Cvelist
added 2021/12/12 4:4 a.m.35 views

CVE-2021-44515

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...

9.9AI score0.99867EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2021/12/12 4:4 a.m.10 views

CVE-2021-44515

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and earlier, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128.0 through 10.1.2137.2,...

10AI score0.99867EPSS
Exploits2References3
CVE
CVE
added 2021/12/12 4:4 a.m.1103 views

CVE-2021-44515

Zoho ManageEngine Desktop Central (and Desktop Central MSP) is affected by CVE-2021-44515, a authentication bypass that enables remote code execution on the server. Affected builds: Enterprise 10.1.2127.17 and earlier require upgrading to 10.1.2127.18; Enterprise 10.1.2128.0–10.1.2137.2 require 1...

10CVSS9.6AI score0.99867EPSS
In wildExploits2References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/12/06 12:0 a.m.194 views

ManageEngine Desktop Central < 10.1.2127.18 / 10.1.2128.0 < 10.1.2137.3 Authentication Bypass (CVE-2021-44515)

The ManageEngine Desktop Central application running on the remote host is prior to 10.1.2127.18, or 10.1.2128.0 prior to 10.1.2137.3. It is, therefore, affected by an authentication bypass vulnerability which can allow an adversary to bypass authentication and execute arbitrary code in the Deskt...

10CVSS9.2AI score0.99867EPSS
Exploits2References2
Circl
Circl
added 2021/12/04 6:14 a.m.18 views

CVE-2021-44515

creationtimestamp| type| source ---|---|--- 2021-12-04 06:14:16+00:00| exploited| https://t.me/thehackernews/1705 2021-12-04 15:55:58+00:00| exploited| https://t.me/cKure/8329 2021-12-07 15:59:29+00:00| exploited| https://t.me/truesecator/2416 2021-12-08 20:34:22+00:00| exploited|...

10CVSS7.3AI score0.99867EPSS
In wildExploits2References18
The Hacker News
The Hacker News
added 2021/12/04 5:7 a.m.134 views

Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks

Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. The...

10CVSS1.6AI score0.99867EPSS
Exploits16
Rows per page
Query Builder