zohocorp security advisories
6 threat alerts tracking vulnerabilities and security advisories that affect zohocorp products.
Vulnios monitors zohocorp CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent zohocorp security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2015-2560 — zohocorp — manageengine_desktop_central
Manage Engine Desktop Central 9 before build 90135 allows remote attackers to change passwords of users with the Administrator role via an addOrModifyUser operation to servlets/DCOperationsServlet.
criticalCVE-2015-2560Critical Vulnerability: CVE-2017-11346 — zohocorp — manageengine_desktop_central
Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.
criticalCVE-2017-11346Critical Vulnerability: CVE-2017-7213 — zohocorp — manageengine_desktop_central
Zoho ManageEngine Desktop Central before build 100082 allows remote attackers to obtain control over all connected active desktops via unspecified vectors.
criticalCVE-2017-7213Critical Vulnerability: CVE-2016-6600 — zohocorp — webnms_framework
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. (dot dot) in the
criticalCVE-2016-6600Critical Vulnerability: CVE-2016-6602 — zohocorp — webnms_framework
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/s
criticalCVE-2016-6602Critical Vulnerability: CVE-2016-6603 — zohocorp — webnms_framework
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.
criticalCVE-2016-6603
Track zohocorp exposure across your environment
Vulnios automatically cross-references your asset inventory against new zohocorp CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan