CVE-2024-2370

Name of the Vulnerable Software and Affected Versions ManageEngine Desktop Central version 9, build 90055

Description A critical flaw in ManageEngine Desktop Central poses a major security risk due to an unrestricted file upload vulnerability. This issue could allow a remote attacker to upload a malicious file to the system without any credentials provided.

Recommendations For ManageEngine Desktop Central version 9, build 90055, consider disabling the file upload feature until a patch is available to prevent exploitation. Restrict access to the system to minimize the risk of malicious file uploads. At the moment, there is no information about a newer version that contains a fix for this vulnerability.