2 results (0.003 seconds)
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0
CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVE-2024-5471 – Agent takeover
https://notcve.org/view.php?id=CVE-2024-5471
17 Jul 2024 — Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover vulnerability due to the hard-coded sensitive keys. • https://www.manageengine.com/dns-dhcp-ipam/security-updates/cve-2024-5471.html • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27311 – Arbitrary file writing
https://notcve.org/view.php?id=CVE-2024-27311
17 Jul 2024 — Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder. • https://www.manageengine.com/dns-dhcp-ipam/security-updates/cve-2024-27311.html • CWE-434: Unrestricted Upload of File with Dangerous Type •