CVSS: 8.2EPSS: 0%CPEs: 336EXPL: 0CVE-2022-35404
https://notcve.org/view.php?id=CVE-2022-35404
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine. ManageEngine Password Manager Pro versiones 12100 y anteriores y OPManager versiones 126100 y anteriores son vulnerables a una creación no autorizada de archivos y directorios en un equipo servidor • https://manageengine.com https://www.manageengine.com/itom/advisory/cve-2022-35404.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 124EXPL: 0CVE-2021-43319
https://notcve.org/view.php?id=CVE-2021-43319
Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality. Zoho ManageEngine Network Configuration Manager versiones anteriores a 125488, es vulnerable a una inyección de comandos debido a que la comprobación de la funcionalidad Ping no es apropiada • https://manageengine.com https://www.manageengine.com/network-configuration-manager/release-notes.html#125488 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.8EPSS: 41%CPEs: 69EXPL: 1CVE-2021-41081
https://notcve.org/view.php?id=CVE-2021-41081
Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a configuration search. Zoho ManageEngine Network Configuration Manager versiones anteriores a 125465, es vulnerable a una inyección de SQL en una búsqueda de configuración • https://github.com/sudaiv/CVE-2021-41081 https://www.manageengine.com/network-configuration-manager/security-updates/cve-2021-41081.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 41%CPEs: 69EXPL: 0CVE-2021-41080
https://notcve.org/view.php?id=CVE-2021-41080
Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a hardware details search. Zoho ManageEngine Network Configuration Manager versiones anteriores a 125465, es vulnerable a una inyección de SQL en una búsqueda de detalles de hardware • https://www.manageengine.com/network-configuration-manager/security-updates/cve-2021-41080.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •