Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9 allow attackers to bypass authentication, and read sensitive information or upload an arbitrary ZIP archive to the server.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Manageengine_desktop_central | Zohocorp | * | 10.1.2137.9 (excluding) |
Manageengine_desktop_central_managed_service_providers | Zohocorp | * | 10.1.2137.9 (excluding) |