Code Injection in Zoho ManageEngine ServiceDesk Plus - CVE-2021-20081
Published: June 14, 2021
Zoho ManageEngine ServiceDesk Plus
Detailed vulnerability description
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation. A remote administrator can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.