CVE-2021-40539

CVSS 9.8 CRITICAL · EPSS 99.0% · KEV · CWE-706 (Use of Incorrectly-Resolved Name or Reference)
In short

A vulnerability in Zoho ManageEngine ADSelfService Plus lets an unauthenticated remote attacker bypass the authentication check in front of the product's REST API and go on to execute arbitrary code on the server. It is rated critical because no credentials or user interaction are needed and a successful exploit yields full control of the affected host; the issue was exploited in the wild and is in CISA's KEV catalog.

Technical detail

ADSelfService Plus builds up to and including 6113 let an unauthenticated remote attacker bypass the authentication filter that protects the /RestAPI/ endpoints. The filter matches the request path as sent, before it is normalized, so a request that reaches a REST endpoint through an un-normalized path (for example a /./RestAPI/... form, which the servlet container collapses to /RestAPI/...) is not recognized as an API call and is passed through without credentials; this is the incorrectly-resolved-reference weakness that the CWE-706 tag refers to. Once past the filter, the attacker can invoke privileged API operations and obtain arbitrary command execution in the security context of the ADSelfService Plus service, which on Windows commonly runs as SYSTEM. The fix shipped in build 6114; any build number below that is affected. Because the bypass is a path-matching flaw rather than a credential weakness, rotating passwords or enforcing MFA on the product does not mitigate it; upgrading is the only fix.

Summary generated and translated by AI from the official description.
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Zoho · ManageEngine ADSelfService Plus, build 6113 and prior (fixed in build 6114)