← back
CVE-2018-11716

CVE-2018-11716

EPSS 14.3%
An issue was discovered in Zoho ManageEngine Desktop Central before 100230. There is unauthenticated remote access to all log files of a Desktop Central instance containing critical information (private information such as location of enrolled devices, cleartext passwords, patching level, etc.) via a GET request on port 8022, 8443, or 8444.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://blog.netxp.fr/manageengine-deep-exploitation/https://www.manageengine.com/products/desktop-central/vulnerability-in-log-files.html