Latest zohocorp manageengine firewall analyzer Vulnerabilities

A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send...
Zohocorp Manageengine Firewall Analyzer<12.7
Zohocorp Manageengine Firewall Analyzer=12.7-build127000
Zohocorp Manageengine Firewall Analyzer=12.7-build127101
Zohocorp Manageengine Firewall Analyzer=12.7-build127130
Zohocorp Manageengine Firewall Analyzer=12.7-build127131
Zohocorp Manageengine Firewall Analyzer=12.7-build127187
and 91 more
ManageEngine Information Disclosure in Multiple Products
Zoho ManageEngine<5.3
Zohocorp Manageengine Appcreator<2.0.0
Zohocorp Manageengine Application Control Plus<11.2.2328.01
Zohocorp Manageengine Browser Security Plus<11.2.2328.01
Zoho ManageEngine<11.2.2328.01
Zohocorp Manageengine Endpoint Central<11.2.2322.01
and 782 more
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allo...
Zohocorp Manageengine Firewall Analyzer=12.5-build125450
Zohocorp Manageengine Firewall Analyzer=12.5-build125451
Zohocorp Manageengine Firewall Analyzer=12.5-build125452
Zohocorp Manageengine Firewall Analyzer=12.5-build125453
Zohocorp Manageengine Firewall Analyzer=12.5-build125455
Zohocorp Manageengine Firewall Analyzer=12.5-build125456
and 102 more
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104...
Zohocorp Manageengine Firewall Analyzer=12.5-build125450
Zohocorp Manageengine Firewall Analyzer=12.5-build125451
Zohocorp Manageengine Firewall Analyzer=12.5-build125452
Zohocorp Manageengine Firewall Analyzer=12.5-build125453
Zohocorp Manageengine Firewall Analyzer=12.5-build125455
Zohocorp Manageengine Firewall Analyzer=12.5-build125456
and 102 more
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Zohocorp Manageengine Opmanager<12.5
Zohocorp Manageengine Opmanager=12.5
Zohocorp Manageengine Opmanager=12.5-build125000
Zohocorp Manageengine Opmanager=12.5-build125002
Zohocorp Manageengine Opmanager=12.5-build125100
Zohocorp Manageengine Opmanager=12.5-build125101
and 330 more
Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting ...
Zohocorp Manageengine Firewall Analyzer=12.4-124072
Zohocorp Manageengine Opmanager=12.4-build124072
The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection.
Zohocorp Manageengine Firewall Analyzer=7.2-7020
Zohocorp Manageengine Firewall Analyzer=7.2-7021
Zohocorp Manageengine Firewall Analyzer=7.4-7400
Zohocorp Manageengine Firewall Analyzer=7.6-7600
Zohocorp Manageengine Firewall Analyzer=8.0-8000
Zohocorp Manageengine Firewall Analyzer=8.1-8110
and 30 more
The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection.
Zohocorp Manageengine Firewall Analyzer=7.2-7020
Zohocorp Manageengine Firewall Analyzer=7.2-7021
Zohocorp Manageengine Firewall Analyzer=7.4-7400
Zohocorp Manageengine Firewall Analyzer=7.6-7600
Zohocorp Manageengine Firewall Analyzer=8.0-8000
Zohocorp Manageengine Firewall Analyzer=8.1-8110
and 27 more

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203