Arbitrary Directory Name Disclosure in Zoho ManageEngine ADAudit Plus (CVE-2021-XXXX)

Arbitrary Directory Name Disclosure in Zoho ManageEngine ADAudit Plus (CVE-2021-XXXX)

CVE-2023-50785 · LOW Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal.

Learn more about our User Device Pen Test.