CVSS: 9.8EPSS: 38%CPEs: 6EXPL: 0CVE-2021-37539
https://notcve.org/view.php?id=CVE-2021-37539
27 Sep 2021 — Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. Zoho ManageEngine ADManager Plus versiones anteriores a 7111, es vulnerable a un archivo sin restricciones que conlleva a una ejecución de código remota • https://www.manageengine.com • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-37927
https://notcve.org/view.php?id=CVE-2021-37927
22 Sep 2021 — Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO. Zoho ManageEngine ADManager Plus versión 7110 y anteriores, permite una toma de control de cuentas por medio de SSO • https://www.manageengine.com • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.8EPSS: 21%CPEs: 5EXPL: 0CVE-2021-37925
https://notcve.org/view.php?id=CVE-2021-37925
22 Sep 2021 — Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability. Zoho ManageEngine ADManager Plus versión 7110 y anteriores, presenta una vulnerabilidad de inyección de comandos Post-Auth OS • https://www.manageengine.com • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 5%CPEs: 6EXPL: 0CVE-2021-37741
https://notcve.org/view.php?id=CVE-2021-37741
21 Sep 2021 — ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities. ManageEngine ADManager Plus versiones anteriores a 7111, presenta vulnerabilidades de RCE de pre-autenticación • https://www.manageengine.com • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 6%CPEs: 5EXPL: 0CVE-2021-33911
https://notcve.org/view.php?id=CVE-2021-33911
17 Jul 2021 — Zoho ManageEngine ADManager Plus before 7110 allows remote code execution. Zoho ManageEngine ADManager Plus versiones anteriores a 7110, permite una ejecución de código remota • https://www.manageengine.com/products/ad-manager/release-notes.html#7110 •
CVSS: 6.1EPSS: 6%CPEs: 5EXPL: 0CVE-2021-36771
https://notcve.org/view.php?id=CVE-2021-36771
17 Jul 2021 — Zoho ManageEngine ADManager Plus before 7110 allows reflected XSS. Zoho ManageEngine ADManager Plus versiones anteriores a 7110, permite un ataque de tipo XSS reflejado • https://www.manageengine.com/products/ad-manager/release-notes.html#7110 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 6%CPEs: 5EXPL: 0CVE-2021-36772
https://notcve.org/view.php?id=CVE-2021-36772
17 Jul 2021 — Zoho ManageEngine ADManager Plus before 7110 allows stored XSS. Zoho ManageEngine ADManager Plus versiones anteriores a 7110, permite un ataque de tipo XSS almacenado • https://www.manageengine.com/products/ad-manager/release-notes.html#7110 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •