CVE-2021-41827

Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials for read-only access. The credentials are in the source code that corresponds to the DCBackupRestore JAR archive...

CVE-2021-41829

Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key...

CVE-2022-26777

Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details...

CVE-2022-26777

Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details...

Zoho ManageEngine Remote Access Plus Trust Management Issue Vulnerability (CNVD-2022-09266)

ZOHO ManageEngine Remote Access Plus is a remote access solution from ZOHO, Inc. A trust management issue vulnerability previously existed in Zoho ManageEngine Remote Access Plus 10.1.2121.1, which stems from the fact that the affected product has hard-coded credentials for read-only The...

CVE-2021-41829

Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key...

CVE-2021-41828

Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials associated with resetPWD.xml...

CVE-2019-16268

Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen...

ZOHO ManageEngine Remote Access Plus Elevation of Privilege Vulnerability

ZOHO ManageEngine Remote Access Plus is a remote access solution from ZOHO. An elevation of privilege vulnerability exists in Zoho ManageEngine Remote Access Plus version 10.0.258, which can be exploited by an attacker to elevate privileges and take full control of the application...

CVE-2019-11361

Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user permissions properly, allowing for privilege escalation and eventually a full application takeover...