← العودة للجدول
CVE-2014-5007
CVE-2014-5007 — Directory traversal vulnerability in the agentLogUploader servlet in ZOHO Manage
📅 2020-01-17
🔴 Critical 🔥 No NVD Exploit Vulnerability CVSS 9.8

📋 الوصف الكامل

Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remote attackers to write to and execute arbitrary files as SYSTEM via a .. (dot dot) in the filename parameter.

💻 الأنظمة المتأثرة

Directory traversal vulnerability

⚠️ نوع التهديد

Exploit

🔗 CVE ID

CVE-2014-5007

📡 المصدر

NVD

✅ الحلول والتخفيف

Refer to CVE-2014-5007 NVD advisory

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ←