Hardcoded Password Vulnerability in ZOHO ManageEngine OpManager 11.5 build 11600 and Earlier
CVE-2015-7765 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a hardcoded password of "plugin" for the IntegrationUser account, which allows remote authenticated users to obtain administrator access by leveraging knowledge of this password.
Learn more about our User Device Pen Test.