Latest zohocorp manageengine network configuration manager Vulnerabilities

CVE-2023-47211
A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send...
Zohocorp Manageengine Firewall Analyzer<12.7
Zohocorp Manageengine Firewall Analyzer=12.7-build127000
Zohocorp Manageengine Firewall Analyzer=12.7-build127101
Zohocorp Manageengine Firewall Analyzer=12.7-build127130
Zohocorp Manageengine Firewall Analyzer=12.7-build127131
Zohocorp Manageengine Firewall Analyzer=12.7-build127187
and 91 more
CVE-2023-6105
ManageEngine Information Disclosure in Multiple Products
Zoho ManageEngine<5.3
Zohocorp Manageengine Appcreator<2.0.0
Zohocorp Manageengine Application Control Plus<11.2.2328.01
Zohocorp Manageengine Browser Security Plus<11.2.2328.01
Zoho ManageEngine<11.2.2328.01
Zohocorp Manageengine Endpoint Central<11.2.2322.01
and 782 more
CVE-2023-29505
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking.
Zohocorp Manageengine Network Configuration Manager=12.6-build126165
CVE-2022-38772
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make dat...
Zohocorp Manageengine Netflow Analyzer=12.5-build125450
Zohocorp Manageengine Netflow Analyzer=12.5-build125451
Zohocorp Manageengine Netflow Analyzer=12.5-build125452
Zohocorp Manageengine Netflow Analyzer=12.5-build125453
Zohocorp Manageengine Netflow Analyzer=12.5-build125455
Zohocorp Manageengine Netflow Analyzer=12.5-build125456
and 202 more
CVE-2022-37024
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allo...
Zohocorp Manageengine Firewall Analyzer=12.5-build125450
Zohocorp Manageengine Firewall Analyzer=12.5-build125451
Zohocorp Manageengine Firewall Analyzer=12.5-build125452
Zohocorp Manageengine Firewall Analyzer=12.5-build125453
Zohocorp Manageengine Firewall Analyzer=12.5-build125455
Zohocorp Manageengine Firewall Analyzer=12.5-build125456
and 102 more
CVE-2022-36923
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104...
Zohocorp Manageengine Firewall Analyzer=12.5-build125450
Zohocorp Manageengine Firewall Analyzer=12.5-build125451
Zohocorp Manageengine Firewall Analyzer=12.5-build125452
Zohocorp Manageengine Firewall Analyzer=12.5-build125453
Zohocorp Manageengine Firewall Analyzer=12.5-build125455
Zohocorp Manageengine Firewall Analyzer=12.5-build125456
and 102 more
CVE-2022-35404
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Zohocorp Manageengine Opmanager<12.5
Zohocorp Manageengine Opmanager=12.5
Zohocorp Manageengine Opmanager=12.5-build125000
Zohocorp Manageengine Opmanager=12.5-build125002
Zohocorp Manageengine Opmanager=12.5-build125100
Zohocorp Manageengine Opmanager=12.5-build125101
and 330 more
CVE-2021-41080
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.
Zohocorp Manageengine Network Configuration Manager>=12.4<12.5
Zohocorp Manageengine Network Configuration Manager=12.3-build123123
Zohocorp Manageengine Network Configuration Manager=12.3-build123129
Zohocorp Manageengine Network Configuration Manager=12.3-build123137
Zohocorp Manageengine Network Configuration Manager=12.3-build123151
Zohocorp Manageengine Network Configuration Manager=12.3-build123156
and 63 more
CVE-2021-41081
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.
Zohocorp Manageengine Network Configuration Manager>=12.4<12.5
Zohocorp Manageengine Network Configuration Manager=12.3-build123123
Zohocorp Manageengine Network Configuration Manager=12.3-build123129
Zohocorp Manageengine Network Configuration Manager=12.3-build123137
Zohocorp Manageengine Network Configuration Manager=12.3-build123151
Zohocorp Manageengine Network Configuration Manager=12.3-build123156
and 63 more
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associat...
Zoho ManageEngine=1.0
Zohocorp Manageengine Browser Security Plus
Zohocorp Manageengine Desktop Central=10.0.380
Zohocorp Manageengine Eventlog Analyzer=12.0.2
Zohocorp Manageengine Firewall=12.0
Zohocorp Manageengine Key Manager Plus=5.6
and 12 more
CVE-2018-18980
An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.d...
Zohocorp Manageengine Network Configuration Manager<12.3.214
Zohocorp Manageengine Opmanager<12.3.214
CVE-2018-12998
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtil...
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Oputils
Zohocorp Firewall Analyzer
and 1 more
CVE-2018-12997
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils b...
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Oputils
Zohocorp Firewall Analyzer
and 1 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203