SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  ManageEngine OpManager Directory Traversal

Category: WEB-ATTACKS      

Directory traversal vulnerability in the com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector servlet in ZOHO ManageEngine OpManager 8.8 through 11.3, Social IT Plus 11.0, and IT360 10.4 and earlier allows remote attackers or remote authenticated users to write to and execute arbitrary WAR files via a .. (dot dot) in the regionID parameter.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6034


Relevant Information