CVE-2021-37539

CWE-434Unrestricted File Upload3 documents3 sources
Severity
9.8CRITICAL
EPSS
38.2%
top 2.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Zohocorp Manageengine Admanager Plus
Timeline
PublishedSep 27
Latest updateMay 24

Description

Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-p5xf-xrgh-68gm: Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution2022-05-24
CVEList
CVE-2021-37539: Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution2021-09-27
CVE-2021-37539 (CRITICAL CVSS 9.8) | Zoho ManageEngine ADManager Plus be | cvebase.io