2022-04-24 09:45:34 +00:00
id : CVE-2021-44077
info :
name : Zoho ManageEngine ServiceDesk Plus - Remote Code Execution
author : Adam Crosser,gy741
severity : critical
description : Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution.
reference :
- https://www.cisa.gov/uscert/ncas/alerts/aa21-336a
- https://unit42.paloaltonetworks.com/tiltedtemple-manageengine-servicedesk-plus/
- https://github.com/horizon3ai/CVE-2021-44077
- https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/manageengine_servicedesk_plus_cve_2021_44077.rb
2022-05-18 20:58:07 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2021-44077
2022-04-24 09:45:34 +00:00
classification :
2022-05-17 09:18:12 +00:00
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score : 9.8
2022-04-24 09:45:34 +00:00
cve-id : CVE-2021-44077
2022-05-17 09:18:12 +00:00
cwe-id : CWE-287
2022-08-27 04:41:18 +00:00
tags : rce,kev,msf,cve,cve2021,zoho,manageengine
2022-04-24 09:45:34 +00:00
requests :
- method : GET
path :
- "{{BaseURL}}/RestAPI/ImportTechnicians"
matchers-condition : and
matchers :
- type : word
words :
- '<form name="ImportTechnicians"'
- type : status
status :
2022-05-18 20:58:07 +00:00
- 200
# Enhanced by mp on 2022/05/18