Remote Code Execution Vulnerability in Zoho ManageEngine OpManager Stable Build

Remote Code Execution Vulnerability in Zoho ManageEngine OpManager Stable Build

CVE-2020-28653 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.

Learn more about our Web Application Penetration Testing UK.