module
ManageEngine Desktop Central AgentLogUpload Arbitrary File Upload
| Disclosed |
|---|
| Nov 11, 2013 |
Disclosed
Nov 11, 2013
Description
This module exploits an arbitrary file upload vulnerability in Desktop Central v7 to
v8 build 80293. A malicious user can upload a JSP file into the web root without
authentication, leading to arbitrary code execution as SYSTEM.
v8 build 80293. A malicious user can upload a JSP file into the web root without
authentication, leading to arbitrary code execution as SYSTEM.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.