CVE-2020-28653

CVE-2020-28653

EPSS 78.7%

Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/164231/ManageEngine-OpManager-SumPDU-Java-Deserialization.html https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125203 https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125233