ManageEngine ADSelfService Plus Unauthenticated SAML Remote Code Execution
This Metasploit module exploits an unauthenticated remote code execution
vulnerability that affects Zoho ManageEngine ADSelfService Plus builds
6210 and below. Because the product depends on an outdated library (Apache
Santuario version 1.4.1), it is possible to execute arbitrary code by
providing a crafted samlResponse XML document to the ADSelfService Plus
SAML endpoint. Note that the target is only vulnerable if it has been
configured with SAML-based SSO at least once in the past, regardless of
whether SAML-based SSO is currently enabled.
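The advisory says only that a crafted samlResponse reaches the signature library; a defensive pre-check a SAML consumer can run on untrusted responses, before handing them to the signature library, is to reject any ds:Transform whose algorithm is not on a short allowlist. This is an added example (not code from the Metasploit module, Packet Storm or ManageEngine); the allowlist contents and the two sample documents are constructed assumptions.

```python
"""Flag SAML Response documents whose XML-Signature transforms fall
outside a small allowlist.  Added defensive example, not code from the
Metasploit module or from ManageEngine."""
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
# Transforms a SAML verifier legitimately needs (assumed allowlist);
# anything else in a ds:Transform is treated as unexpected.
ALLOWED_TRANSFORMS = {
    "http://www.w3.org/2000/09/xmldsig#enveloped-signature",
    "http://www.w3.org/2001/10/xml-exc-c14n#",
    "http://www.w3.org/2001/10/xml-exc-c14n#WithComments",
    "http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
}

def unexpected_transforms(saml_response_xml: str) -> list[str]:
    """Return the Algorithm URI of every ds:Transform not in the allowlist.
    An empty list means the document only uses expected transforms.
    (For production parsing of untrusted XML use defusedxml; the stdlib
    parser is used here so the example runs without extra packages.)"""
    root = ET.fromstring(saml_response_xml)
    found = []
    for t in root.iter(f"{{{DS}}}Transform"):
        alg = t.get("Algorithm", "")
        if alg not in ALLOWED_TRANSFORMS:
            found.append(alg)
    return found

# Constructed sample: a benign response with the usual two transforms.
BENIGN = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_r1">
  <ds:Signature><ds:SignedInfo><ds:Reference URI="#_r1"><ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </ds:Transforms></ds:Reference></ds:SignedInfo></ds:Signature>
</samlp:Response>"""

# Constructed sample: same shape, but with a transform algorithm the
# verifier should never have to apply (placeholder URI, not a payload).
SUSPICIOUS = BENIGN.replace(
    "http://www.w3.org/2001/10/xml-exc-c14n#",
    "urn:example:unexpected-transform")

if __name__ == "__main__":
    print(unexpected_transforms(BENIGN))      # []
    print(unexpected_transforms(SUSPICIOUS))  # ['urn:example:unexpected-transform']
```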
https://packetstormsecurity.com/files/170925/manageengine_adselfservice_plus_saml_rce_cve_2022_47966.rb.txt
Wed, 08 Feb 2023 16:29:15 GMT
________________________________
--- The information is for informational purposes only.
* Origin: Read us with http://winpoint.org JID: rs@captflint.com (2:467/4.444)