Main Vulnerability Database Exploits ID:12246 - Exploit for Arbitrary file upload in ManageEngine Applications Manager - CVE-2020-14008

ID:12246 - Exploit for Arbitrary file upload in ManageEngine Applications Manager - CVE-2020-14008

Published: January 4, 2026

Vulnerability identifier: #VU46816

Vulnerability risk: Medium

CVE-ID: CVE-2020-14008

CWE-ID: CWE-434

Exploitation vector: Remote access

Vulnerable software:
ManageEngine Applications Manager

Link to public exploit:

https://github.com/JackHars/cve-2020-14008

Vulnerability description

The vulnerability allows a remote privileged user to execute arbitrary code.

Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload a vulnerable jar in a specific location, which leads to remote code execution.

Remediation

Install update from vendor's website.

ID:12246 - Exploit for Arbitrary file upload in ManageEngine Applications Manager - CVE-2020-14008

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human