ManageEngine Applications Manager CVE-2018-7890 Remote Code Execution Vulnerability

ManageEngine Applications Manager is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the affected system. Failed exploit attempts may result in a denial-of-service condition.


Bugtraq ID: 103358
Class: Input Validation Error
CVE: CVE-2018-7890

Remote: Yes
Local: No
Published: Mar 08 2018 12:00AM
Updated: Mar 08 2018 12:00AM
Credit: Mehmet INCE
Vulnerable: Zoho ManageEngine Applications Manager 13.5

Not Vulnerable:


The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.

Related Posts