Vulnerability feed

Vulnerability

CVE-2021-40539

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2021-40539
Description:: Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
Last updated date:: 11/29/2021

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 09/09/2021
Reference url to background: https://twitter.com/TheHackersNews/status/1435842539513270274

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 09/23/2021
Reference url to background: https://cloudsek.com/threatintelligence/zoho-manageengine-cve-2021-40539-vulnerability-actively-exploited-in-the-wild

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 11/03/2021
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/03/2021
Reference url to background: https://github.com/synacktiv/CVE-2021-40539

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/24/2021
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/manageengine_adselfservice_plus_cve_2021_40539.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/29/2021
Reference url to background: http://packetstormsecurity.com/files/165085/ManageEngine-ADSelfService-Plus-Authentication-Bypass-Code-Execution.html

Vulnerability Feed Contributors About Blog

@inTheWild

©2023 |