CVE-2014-5006
Published: 2014-10-21
Priority: P2 · 63 · high · CVSS 2.0 base score 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit: available
EPSS: 25.08% (97.7th percentile)
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter to mdm/mdmLogUploader.
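The mechanism behind the description above is an unchecked join of the attacker-supplied fileName onto the upload directory, so each `..` segment climbs one level and the upload can land in the web root. The following Python is an added example written for this page; it is not ManageEngine's servlet code and not from the advisory. The directory layout (`C:\dc-server\...`), the allowed-extension list and the sample filenames are constructed assumptions; the hardening shown (accept only a bare basename with an allowed extension, then re-check the canonical path against the root) is the standard pattern, and the POSIX variant is included to show the same check generalises beyond the Windows layout the product ships on.

```python
"""Added example (not ManageEngine's code): the unchecked join that lets a '..'
in fileName walk out of the log directory, beside a canonicalise-and-reject
version. Layout, allowed extensions and sample names are constructed."""
import ntpath
import posixpath

# Constructed layout for the demonstration (not the product's real install tree).
UPLOAD_ROOT = r"C:\dc-server\mdm-logs"
WEB_ROOT = r"C:\dc-server\webapps\DesktopCentral\jsps"
# Assumption: a log uploader only ever needs to accept these extensions.
ALLOWED_EXT = {".log", ".txt", ".zip"}


class TraversalError(ValueError):
    """Supplied filename would land outside the upload directory."""


def vulnerable_target(file_name, upload_root=UPLOAD_ROOT, pathmod=ntpath):
    """The flawed pattern: attacker-controlled fileName joined onto the upload
    directory with no check, so each '..' segment climbs one level."""
    return pathmod.normpath(pathmod.join(upload_root, file_name))


def is_inside(target, root, pathmod=ntpath):
    """True when target is root itself or lies strictly beneath it
    (case-folded on Windows via normcase)."""
    root_n = pathmod.normcase(pathmod.normpath(root))
    target_n = pathmod.normcase(pathmod.normpath(target))
    return target_n == root_n or target_n.startswith(root_n + pathmod.sep)


def hardened_target(file_name, upload_root=UPLOAD_ROOT, pathmod=ntpath):
    """Accept only a bare basename with an allowed extension, then re-check the
    canonical result against the root (belt and braces)."""
    if (not file_name or file_name in (".", "..") or "\x00" in file_name
            or pathmod.basename(file_name) != file_name   # any directory part
            or pathmod.splitdrive(file_name)[0]):         # drive letters / UNC
        raise TraversalError(f"rejected filename {file_name!r}")
    if pathmod.splitext(file_name)[1].lower() not in ALLOWED_EXT:
        raise TraversalError(f"disallowed extension on {file_name!r}")
    target = pathmod.normpath(pathmod.join(upload_root, file_name))
    root_dir = pathmod.normcase(pathmod.normpath(upload_root))
    if (not is_inside(target, upload_root, pathmod)
            or pathmod.normcase(pathmod.dirname(target)) != root_dir):
        raise TraversalError(f"{file_name!r} resolves to {target!r}, outside root")
    return target


def resolve(file_name, upload_root=UPLOAD_ROOT, pathmod=ntpath):
    """Run both versions and report: where the naive join puts the file, whether
    that escapes the root, and what the hardened check decides."""
    naive = vulnerable_target(file_name, upload_root, pathmod)
    try:
        safe, verdict = hardened_target(file_name, upload_root, pathmod), "accepted"
    except TraversalError as exc:
        safe, verdict = None, str(exc)
    return {"naive": naive,
            "naive_escapes": not is_inside(naive, upload_root, pathmod),
            "hardened": safe, "verdict": verdict}


if __name__ == "__main__":
    # Constructed attacker filename: climbs out of mdm-logs into the JSP directory.
    for name in ("..\\webapps\\DesktopCentral\\jsps\\shell.jsp", "agent.log", "shell.jsp"):
        print(name, "->", resolve(name))
    # Same flaw with POSIX separators, to show the check is not Windows-specific.
    print(resolve("../../webapps/x.jsp", "/opt/dc/mdm-logs", posixpath))
```

`vulnerable_target` reproduces the bug on purpose: with the constructed layout the traversal name resolves to a path under `WEB_ROOT`, which is exactly the "JSP in the web root" outcome the Exploit-DB entries below describe. `hardened_target` never consults the resolved path to decide, it rejects on the raw input first; the canonical-path comparison is a second, independent check.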
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zohocorp | manageengine_desktop_central | <= 9.0 | 9 build 90055 (per the CVE description; the indexed range lists none) |
Detection & IOCs (extracted from sources)
- Affects Desktop Central v8 through v9 build 90054 (including the MSP editions); v7 is not affected by CVE-2014-5006 specifically.
- Exploitation requires no authentication and no prior knowledge of the target configuration.
No detection rules found.
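Since no indexed rule is attached to this record, here is an added example (written for this page; not a vendor, Nuclei or indexed rule) of the detection logic a practitioner would run over web-server access logs: flag any request to mdm/mdmLogUploader whose fileName parameter carries a `..` segment, an absolute path, or a server-side script extension. The log format, client addresses and request lines are constructed; matching the parameter name case-insensitively, decoding twice to catch `%252e`, and treating a `.jsp` suffix as suspicious are this example's heuristics, not behaviour the CVE text states.

```python
"""Added example (not an indexed or vendor rule): flag access-log requests to
mdm/mdmLogUploader whose fileName carries a traversal. Log lines, addresses
and the decode/extension heuristics are this example's constructions."""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed Tomcat/Apache-style access-log lines: the first two are
# exploitation attempts, the rest are benign traffic.
SAMPLE_LOG = """\
203.0.113.9 - - [21/Oct/2014:10:01:12 +0000] "POST /mdm/mdmLogUploader?fileName=..%5C..%5Cwebapps%5CDesktopCentral%5Cjsps%5Cshell.jsp HTTP/1.1" 200 0
203.0.113.9 - - [21/Oct/2014:10:01:13 +0000] "POST /mdm/mdmLogUploader?fileName=%252e%252e%2F%252e%252e%2Fwebapps%2Fx.jsp HTTP/1.1" 200 0
198.51.100.4 - - [21/Oct/2014:10:02:01 +0000] "POST /mdm/mdmLogUploader?fileName=agent-2014-10-21.log HTTP/1.1" 200 0
198.51.100.4 - - [21/Oct/2014:10:02:30 +0000] "GET /configurations.do?actionToCall=ViewDetails HTTP/1.1" 200 5120
"""

LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# A '..' standing alone as a path segment, with either separator.
DOT_DOT = re.compile(r'(^|[\\/])\.\.([\\/]|$)')
# Drive letter or leading separator: an absolute path instead of a bare name.
ABSOLUTE = re.compile(r'^([A-Za-z]:|[\\/])')
VULN_PATH = "/mdm/mdmloguploader"   # compared case-insensitively


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so %252e (double-encoded '.') is seen as '.'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_request(target):
    """Return a finding dict for one request-target string, or None if benign."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith(VULN_PATH):
        return None
    for key, values in parse_qs(parts.query, keep_blank_values=True).items():
        if key.lower() != "filename":
            continue
        for raw in values:          # parse_qs has already decoded once
            name = fully_decode(raw)
            reasons = []
            if DOT_DOT.search(name):
                reasons.append("dot-dot traversal")
            if ABSOLUTE.match(name):
                reasons.append("absolute path")
            if name.lower().endswith((".jsp", ".jspx")):
                reasons.append("server-side script extension")
            if reasons:
                return {"fileName": name, "reasons": reasons}
    return None


def scan_log(text):
    """Run inspect_request over every parseable line; return the findings."""
    findings = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        hit = inspect_request(m["target"])
        if hit:
            findings.append({"ip": m["ip"], "ts": m["ts"], "method": m["method"],
                             "status": m["status"], **hit})
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} {f['method']} fileName={f['fileName']!r}: "
              + ", ".join(f["reasons"]))
```

The path test uses `endswith` rather than equality so a non-root context path still matches, and the decode loop is bounded to avoid spinning on pathological input. The HTTP method is recorded but not used for the verdict, because the CVE text specifies the parameter and endpoint, not the method.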
Exploit-DB
ManageEngine Desktop Central StatusUpdate - Arbitrary File Upload (Metasploit)
exploitdb · 2014-09-09 · CVE-2014-5005
---
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
  # The module header between the class line and the info hash is not in the indexed excerpt.
      'Name'        => 'ManageEngine Desktop Central StatusUpdate Arbitrary File Upload',
      'Description' => %q{
        This module exploits an arbitrary file upload vulnerability in ManageEngine DesktopCentral
        v7 to v9 build 90054 (including the MSP versions).
        A malicious user can upload a JSP file into the web root without authentication, leading to
        arbitrary code execution as SYSTEM. Some early builds of version 7 are not exploitable as
        they do not ship with a bundled Java compiler.
      },
      'Author'      =>
        [
          'Pedro Ribeiro', # Vulnerability discovery and Metasploit module
Exploit-DB
ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
exploitdb · 2014-09-01 · CVSS 7.5 · CVE-2014-5007 [HIGH]
---
Arbitrary file upload / remote code execution in ManageEngine Desktop Central / Desktop Central MSP
Discovered by Pedro Ribeiro, Agile Information Security
Background on the affected product:
"Desktop Central is an integrated desktop & mobile device management
software that helps in managing the servers, laptops, desktops,
smartphones and tablets from a central point. It automates your
regular desktop management routines like installing patches,
distributing software, managing your IT Assets, managing software
licenses, monitoring software usage statistics, managing USB device
usage, taking control of remote desktops, and more."
There are several vulnerable servers out there if you k
No writeups or analysis indexed.
References
- http://osvdb.org/show/osvdb/110644
- http://seclists.org/fulldisclosure/2014/Aug/88
- http://www.exploit-db.com/exploits/34594
- https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_dc9_file_upload.txt
- https://www.manageengine.com/products/desktop-central/remote-code-execution.html