CVE-2022-37024

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution...

CVE-2024-6748

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and RMM versions 128317 and below are vulnerable to authenticated SQL injection in the URL monitoring...

CVE-2024-6748

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and RMM versions 128317 and below are vulnerable to authenticated SQL injection in the URL monitoring...

CVE-2024-6748

CVE-2024-6748 affects Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and RMM (versions 128317 and below). The vulnerability is an authenticated SQL injection in the URL monitoring component. Connected sources confirm affected products/versions and the authentication requirement; n...

ZOHO多款产品 安全漏洞

ZOHO ManageEngine OpManager and others are products of ZOHO Corporation.ZOHO ManageEngine OpManager is a comprehensive network monitoring software.ZOHO ManageEngine OpManager Plus is an IT operations management solution for Windows and Linux systems. ZOHO ManageEngine OpManager Plus is an IT...

CVE-2024-38870 Stored XSS

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition versions before 128104, from 128151 before 128238, from 128247 before 128250 are vulnerable to Stored XSS vulnerability in reports module...

ManageEngine OpManager Plus getDNSResolveOption Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine OpManager Plus. Authentication is required to exploit this vulnerability. The specific flaw exists within the getDNSResolveOption function. The issue results from the lack of proper...

ManageEngine OpManager Plus getNmapInitialOption Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine OpManager Plus. Authentication is required to exploit this vulnerability. The specific flaw exists within the getNmapInitialOption function. The issue results from the lack of proper...

Code injection

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature...

CVE-2022-38772

Summary: CVE-2022-38772 affects Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils. The issue is a command injection in the getNmapInitialOption function that allows authenticated users to perform database changes leading to re...

Design/Logic Flaw

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 125657, 126002, 126104, and 126118 allow unauthenticated attackers to obtain a user's API key, and then access external...

CVE-2022-36923

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 125657, 126002, 126104, and 126118 allow unauthenticated attackers to obtain a user's API key, and then access external...

CVE-2022-36923

CVE-2022-36923 affects Zoho ManageEngine products (OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils) with an authentication bypass that allows an unauthenticated attacker to retrieve a user’s API key and use external APIs. T...

PT-2022-23689 · Zoho · Netflow Analyzer +6

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine OpManager versions before 2022-07-27 through 2022-07-28 Zoho ManageEngine OpManager Plus versions before 2022-07-27 through 2022-07-28 Zoho ManageEngine OpManager MSP versions before 2022-07-27 through 2022-07-28 Zoho...

多款ZOHO ManageEngine产品安全漏洞

ZOHO ManageEngine OpManager and others are products of ZOHO India.ZOHO ManageEngine OpManager is a suite of network, server and virtualization monitoring software.ZOHO ManageEngine OpManager Plus is an IT operations management solution for Windows and Linux systems. ZOHO ManageEngine OpManager Pl...

CVE-2022-37024

Summary (CVE-2022-37024) : Multiple Zoho ManageEngine products (OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, OpUtils) prior to 2022-07-29 are affected by a remote code execution flaw. The root cause is insufficient input validation in the getDNSResolv...