3 matches found
Metasploit Weekly Wrap-Up
MOVEit It has been a busy few weeks in the security space; the MOVEit vulnerability filling our news feeds with dancing lemurs and a Barracuda vulnerability that has us all wondering how many shredders out there can handle a 1U appliance. Despite those very worthwhile distractions, Metasploit has...
CVE-2023-29084
Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings...
CVE-2023-29084
CVE-2023-29084 concerns Zoho ManageEngine ADManager Plus. Multiple sources confirm: versions up to build 7181/7180 are vulnerable to authenticated command injection by manipulating the server proxy settings. The underlying issue is insufficient validation of user input when handling proxy configu...