ManageEngine Desktop Central MSP < 9.0.075 Arbitrary Code Execution Vulnerability

ManageEngine Desktop Central MSP is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-9371

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object...

Code injection

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object...

CVE-2014-9371

The affected software is ManageEngine Desktop Central MSP (on-premises). Affected component: NativeAppServlet, vulnerable to remote code execution through crafted JSON data. Root cause: failure to sanitize JSON input before processing, enabling arbitrary code execution with SYSTEM context. The vu...

CVE-2014-9371

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object...

ManageEngine Desktop Central MSP Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine Desktop Central MSP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NativeAppServlet servlet. The issue lies in the failure to saniti...