Remote Command Execution Vulnerability in Zoho ManageEngine M365 Manager Plus

Remote Command Execution Vulnerability in Zoho ManageEngine M365 Manager Plus

CVE-2021-44650 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components.

Learn more about our Web Application Penetration Testing UK.