• Zoho ManageEngine Endpoint Central / MSP 10.1.2228.10 Remote Code Execution

    From Security Bot@2:467/4.444 to All on Thu Jul 20 15:22:00 2023


    Zoho ManageEngine Endpoint Central / MSP 10.1.2228.10 Remote Code
    Execution

    This Metasploit module exploits an unauthenticated remote code execution
    vulnerability that affects Zoho ManageEngine Endpoint Central and MSP
    versions 10.1.2228.10 and below (CVE-2022-47966). Due to a dependency on
    an outdated library (Apache Santuario version 1.4.1), it is possible to
    execute arbitrary code by providing a crafted samlResponse XML to the
    Endpoint Central SAML endpoint. Note that the target is only vulnerable if
    it is configured with SAML-based SSO, and the service must be active.

    https://packetstormsecurity.com/files/170943/manageengine_endpoint_central_saml_rce_cve_2022_47966.rb.txt

    Thu, 09 Feb 2023 16:35:41 GMT
    ________________________________
    --- The information is for informational purposes only.
    * Origin: Read us with http://winpoint.org JID: rs@captflint.com (2:467/4.444)