Vulnerability Details CVE-2021-37924
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.374
EPSS Ranking 97.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2021-37924
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:-
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.2
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.5.7
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.6
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.6.5
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0
-
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1