Zoho Password Manager Pro XML-RPC Java Deserialization Exploit
Discription

This Metasploit module exploits a Java deserialization vulnerability in Zoho ManageEngine Pro before 12101 and PAM360 before 5510. Unauthenticated attackers can send a crafted XML-RPC request containing malicious serialized data to /xmlrpc to gain remote command execution as the SYSTEM user.Read More

Back to Main

Subscribe for the latest news: