SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  ManageEngine ServiceDesk Information Disclosure

Category: WEB-ATTACKS      

The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.


Relevant Information