Vulnerabilities

CVE-2022-28810

by Fred · 18/04/2022

Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote code execution via executable CMD.EXE input in a password field, This only occurs if a certain password sync feature is enabled that uses passwords as script arguments.

Date published : 2022-04-18

https://www.manageengine.com/products/self-service-password/kb/cve-2022-28810.html

Similar

Tags: Cybersecurity Alert