PT-2021-23426 · Zoho · Zoho Manageengine Patch Connect Plus

Moon

·

Published

2021-11-11

·

Updated

2021-11-15

·

CVE-2021-41833

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Zoho ManageEngine Patch Connect Plus versions prior to 90099
Description The issue allows for unauthenticated remote code execution.
Recommendations For versions prior to 90099, update to version 90099 or later to resolve the issue.

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2021-41833

Affected Products

Zoho Manageengine Patch Connect Plus