ManageEngine Desktop Central - Arbitrary File Upload / RCE Vulnerabilities

ManageEngine Desktop Central suffers from code execution and remote shell upload vulnerabilities. Arbitrary file upload / remote code execution in ManageEngine Desktop Central / Desktop Central MSP Discovered by Pedro Ribeiro Agile Information Security...

DesktopCentral AgentLogUpload Arbitrary File Upload Vulnerability

This Metasploit module exploits an arbitrary file upload vulnerability in DesktopCentral 8.0.0 below build 80293. A malicious user can upload a JSP file into the web root without authentication, leading to arbitrary code execution. This module requires Metasploit: http//metasploit.com/download...