module
ManageEngine ADSelfService Plus CVE-2021-40539
| Disclosed |
|---|
| Sep 7, 2021 |
Disclosed
Sep 7, 2021
Description
This module exploits CVE-2021-40539, a REST API authentication bypass
vulnerability in ManageEngine ADSelfService Plus, to upload a JAR and
execute it as the user running ADSelfService Plus - which is SYSTEM if
started as a service.
vulnerability in ManageEngine ADSelfService Plus, to upload a JAR and
execute it as the user running ADSelfService Plus - which is SYSTEM if
started as a service.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.