← back
CVE-2017-11561

CVE-2017-11561

EPSS 2.1%
An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://manageengine.comhttp://opmanager.comhttps://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18736