critical
9.8
CWE
89
Advisory Published
Updated

CVE-2021-41081: SQL Injection

First published: Thu Nov 11 2021(Updated: )

Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
ManageEngine Network Configuration Manager>=12.4<12.5
ManageEngine Network Configuration Manager=12.3-build123123
ManageEngine Network Configuration Manager=12.3-build123129
ManageEngine Network Configuration Manager=12.3-build123137
ManageEngine Network Configuration Manager=12.3-build123151
ManageEngine Network Configuration Manager=12.3-build123156
ManageEngine Network Configuration Manager=12.3-build123159
ManageEngine Network Configuration Manager=12.3-build123169
ManageEngine Network Configuration Manager=12.3-build123177
ManageEngine Network Configuration Manager=12.3-build123179
ManageEngine Network Configuration Manager=12.3-build123191
ManageEngine Network Configuration Manager=12.3-build123194
ManageEngine Network Configuration Manager=12.3-build123206
ManageEngine Network Configuration Manager=12.3-build123207
ManageEngine Network Configuration Manager=12.3-build123214
ManageEngine Network Configuration Manager=12.3-build123215
ManageEngine Network Configuration Manager=12.3-build123217
ManageEngine Network Configuration Manager=12.3-build123218
ManageEngine Network Configuration Manager=12.3-build123222
ManageEngine Network Configuration Manager=12.3-build123223
ManageEngine Network Configuration Manager=12.3-build123231
ManageEngine Network Configuration Manager=12.3-build123237
ManageEngine Network Configuration Manager=12.3-build123239
ManageEngine Network Configuration Manager=12.3-build123274
ManageEngine Network Configuration Manager=12.3-build123277
ManageEngine Network Configuration Manager=12.3-build123279
ManageEngine Network Configuration Manager=12.3-build123288
ManageEngine Network Configuration Manager=12.3-build123304
ManageEngine Network Configuration Manager=12.3-build123306
ManageEngine Network Configuration Manager=12.3-build123312
ManageEngine Network Configuration Manager=12.3-build123323
ManageEngine Network Configuration Manager=12.3-build123327
ManageEngine Network Configuration Manager=12.5
ManageEngine Network Configuration Manager=12.5-build125000
ManageEngine Network Configuration Manager=12.5-build125108
ManageEngine Network Configuration Manager=12.5-build125112
ManageEngine Network Configuration Manager=12.5-build125115
ManageEngine Network Configuration Manager=12.5-build125116
ManageEngine Network Configuration Manager=12.5-build125120
ManageEngine Network Configuration Manager=12.5-build125121
ManageEngine Network Configuration Manager=12.5-build125125
ManageEngine Network Configuration Manager=12.5-build125129
ManageEngine Network Configuration Manager=12.5-build125136
ManageEngine Network Configuration Manager=12.5-build125142
ManageEngine Network Configuration Manager=12.5-build125149
ManageEngine Network Configuration Manager=12.5-build125180
ManageEngine Network Configuration Manager=12.5-build125195
ManageEngine Network Configuration Manager=12.5-build125199
ManageEngine Network Configuration Manager=12.5-build125212
ManageEngine Network Configuration Manager=12.5-build125213
ManageEngine Network Configuration Manager=12.5-build125216
ManageEngine Network Configuration Manager=12.5-build125228
ManageEngine Network Configuration Manager=12.5-build125232
ManageEngine Network Configuration Manager=12.5-build125233
ManageEngine Network Configuration Manager=12.5-build125234
ManageEngine Network Configuration Manager=12.5-build125323
ManageEngine Network Configuration Manager=12.5-build125325
ManageEngine Network Configuration Manager=12.5-build125327
ManageEngine Network Configuration Manager=12.5-build125329
ManageEngine Network Configuration Manager=12.5-build125343
ManageEngine Network Configuration Manager=12.5-build125345
ManageEngine Network Configuration Manager=12.5-build125358
ManageEngine Network Configuration Manager=12.5-build125362
ManageEngine Network Configuration Manager=12.5-build125363
ManageEngine Network Configuration Manager=12.5-build125378
ManageEngine Network Configuration Manager=12.5-build125392
ManageEngine Network Configuration Manager=12.5-build125399
ManageEngine Network Configuration Manager=12.5-build125417
ManageEngine Network Configuration Manager=12.5-build125445

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2021-41081?

    CVE-2021-41081 is a high severity vulnerability due to its susceptibility to SQL injection attacks.

  • How do I fix CVE-2021-41081?

    To fix CVE-2021-41081, update Zoho ManageEngine Network Configuration Manager to version 12.5 or later.

  • What versions of Zoho ManageEngine Network Configuration Manager are affected by CVE-2021-41081?

    CVE-2021-41081 affects versions prior to 12.5, including several builds within the 12.3 and 12.4 ranges.

  • What type of vulnerability is CVE-2021-41081?

    CVE-2021-41081 is classified as an SQL Injection vulnerability.

  • Is CVE-2021-41081 being actively exploited?

    While there have been reports of significant risk, it is important to regularly monitor security updates from Zoho for specific exploitation details.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203