CVE-2022-28810 - Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
CVE-2022-28810
Zoho | ManageEngine
- Date Added:
- 2023-03-07
- Due Date:
- 2023-03-28
- Vulnerability Name
Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
- Description
Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28810.html; https://nvd.nist.gov/vuln/detail/CVE-2022-28810
Free online web security scanner