Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown
CVE-2023-31099
Disclosure Date: May 04, 2023 (last updated October 08, 2023)
Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.
0
Attacker Value
Unknown
CVE-2022-43473
Disclosure Date: March 30, 2023 (last updated November 08, 2023)
A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve
a malicious XML payload to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-38772
Disclosure Date: August 29, 2022 (last updated October 08, 2023)
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature.
0
Attacker Value
Unknown
CVE-2022-37024
Disclosure Date: August 10, 2022 (last updated October 08, 2023)
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.
0
Attacker Value
Unknown
CVE-2022-36923
Disclosure Date: August 10, 2022 (last updated October 08, 2023)
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs.
0
