Zoho ManageEngine ServiceDesk Plus 14003 Remote Code Execution
This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine ServiceDesk Plus versions 14003 and below (CVE-2022-47966). Due to a dependency on an outdated library (Apache Santuario version 1.4.1), it is possible to execute arbitrary code by providing a crafted samlResponse XML to the ServiceDesk Plus SAML endpoint. Note that the target is only vulnerable if it has been configured with SAML-based SSO at least once in the past, regardless of the current SAML-based SSO status.
https://packetstormsecurity.com/files/170882/manageengine_servicedesk_plus_saml_rce_cve_2022_47966.rb.txt
Tue, 07 Feb 2023 17:23:32 GMT