CVE-2020-10189 – Zoho ManageEngine Desktop Central File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2020-10189
Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets. Zoho ManageEngine Desktop Central anterior a la versión 10.0.474 permite la ejecución remota de código debido a la deserialización de datos no seguros en getChartImage en la clase FileStorage. Esto está relacionado con los servlets CewolfServlet y MDMLogUploaderServlet. Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution. • https://www.exploit-db.com/exploits/48224 https://github.com/zavke/CVE-2020-10189-ManageEngine http://packetstormsecurity.com/files/156730/ManageEngine-Desktop-Central-Java-Deserialization.html https://cwe.mitre.org/data/definitions/502.html https://srcincite.io/advisories/src-2020-0011 https://srcincite.io/pocs/src-2020-0011.py.txt https://www.manageengine.com/products/desktop-central/remote-code-execution-vulnerability.html https://www.zdnet.com/article/zoho-zero-day-published-on-twitter https: • CWE-502: Deserialization of Untrusted Data •
CVE-2013-7390 – ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
https://notcve.org/view.php?id=CVE-2013-7390
Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot. Una vulnerabilidad de carga de archivos sin restricciones en la función AgentLogUploadServlet en ManageEngine DesktopCentral versiones 7.x y 8.0.0 anterior al build 80293, permite a atacantes remotos ejecutar código arbitrario mediante la carga de un archivo con una extensión jsp y luego acceder a él mediante una petición directa al archivo en la root web. • https://www.exploit-db.com/exploits/34518 https://www.exploit-db.com/exploits/29674 https://www.exploit-db.com/exploits/29812 http://seclists.org/fulldisclosure/2013/Nov/130 https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/desktopcentral_file_upload.rb http://security-assessment.com/files/documents/advisory/Desktop%20Central%20Arbitrary%20File%20Upload.pdf https://seclists.org/fulldisclosure/2013/Nov/130 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2018-16833 – ManageEngine Desktop Central 10.0.271 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-16833
Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI. Zoho ManageEngine Desktop Central 10.0.271 tiene Cross-Site Scripting (XSS) mediante el campo de búsqueda "Features Articles" en el URI /advsearch.do?SUBREQUEST=XMLHTTP. ManageEngine Desktop Central version 10.0.271 suffers from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/149436/ManageEngine-Desktop-Central-10.0.271-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-13411
https://notcve.org/view.php?id=CVE-2018-13411
An issue was discovered in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version. Se detectó un problema en Zoho ManageEngine Desktop Central antes de la versión 10.0.282. Un logotipo de la empresa sobre el que se puede hacer clic en una ventana que se ejecuta como SISTEMA puede ser abusado para escalar privilegios. • http://www.securityfocus.com/bid/105348 https://github.com/AJ-SA/Zoho-ManageEngine/blob/master/README.md https://www.manageengine.com/products/desktop-central/elevation-of-system-privilege.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2018-13412
https://notcve.org/view.php?id=CVE-2018-13412
An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version. Se detectó un problema en el Portal de Autoservicio en Zoho ManageEngine Desktop Central antes de la versión 10.0.282. Un logotipo de la empresa sobre el que se puede hacer clic en una ventana que se ejecuta como SISTEMA puede ser abusado para escalar privilegios. • http://www.securityfocus.com/bid/105348 https://github.com/AJ-SA/Zoho-ManageEngine/blob/master/README.md https://www.manageengine.com/products/desktop-central/elevation-of-system-privilege.html • CWE-732: Incorrect Permission Assignment for Critical Resource •