Back to search
CVE-2014-7862
Published: Jan 4, 2018
Modified: Aug 6, 2024
PUBLISHED
Description
The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote attackers to create administrator accounts via an addPlugInUser action.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
71849
vdb-entry
x_refsource_BID
20141231 [The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central
mailing-list
x_refsource_BUGTRAQ
desktopcentral-cve20147862-sec-bypass(99595)
vdb-entry
x_refsource_XF
20150102 [The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central
mailing-list
x_refsource_FULLDISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now