Vulnerability feed

Vulnerability

CVE-2022-35405

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-35405
Description:: Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)
Last updated date:: 11/05/2022

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 09/22/2022
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 07/18/2022
Reference url to background: https://github.com/viniciuspereiras/CVE-2022-35405

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/02/2022
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/zoho_password_manager_pro_xml_rpc_rce.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/05/2022
Reference url to background: http://packetstormsecurity.com/files/167918/Zoho-Password-Manager-Pro-XML-RPC-Java-Deserialization.html

Vulnerability Feed Contributors About Blog

@inTheWild

©2023 |