CVE-2014-6035
N/A
N/A
Summary
Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and earlier allows remote attackers to write and execute arbitrary files via a .. (dot dot) in the FILENAME parameter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://support.zoho.com/portal/manageengine/helpcenter/articles/servlet-vulnerability-fix
- https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_opmanager_socialit_it360.txt
- http://seclists.org/fulldisclosure/2014/Sep/110
References
- https://support.zoho.com/portal/manageengine/helpcenter/articles/servlet-vulnerability-fix
- https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_opmanager_socialit_it360.txt
- http://seclists.org/fulldisclosure/2014/Sep/110
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.