CVE-2021-20081

Summary

Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated attacker to execute arbitrary commands with SYSTEM privileges.

Affected Software

VendorProductVersion RangeStatus
n/aManageEngine ServiceDesk PlusBefore 11205affected

Weaknesses

  • Incomplete List of Disallowed Inputs leading to Authenticated Remote Command Execution

ADP Enrichment

CVE Program Container

Additional References

References