Vulnerabilities > Zohocorp > Manageengine Firewall Analyzer > High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-08	CVE-2023-47211	Path Traversal vulnerability in Zohocorp products A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. network low complexity zohocorp CWE-22	8.6
2022-08-10	CVE-2022-36923	Improper Handling of Exceptional Conditions vulnerability in Zohocorp products Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs. network low complexity zohocorp CWE-755	7.5
2022-08-10	CVE-2022-37024	Unspecified vulnerability in Zohocorp products Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution. network low complexity zohocorp	8.8
2022-07-18	CVE-2022-35404	Improper Input Validation vulnerability in Zohocorp products ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine. network low complexity zohocorp CWE-20	8.2
2019-11-21	CVE-2019-17421	Incorrect Default Permissions vulnerability in Zohocorp products Incorrect file permissions on the packaged Nipper executable file in Zoho ManageEngine OpManager 12.4.072 and Firewall Analyzer 12.4.072 allow local users to elevate privileges to root by overwriting this file with a malicious payload. local low complexity zohocorp CWE-276	7.8
2017-09-04	CVE-2017-14123	Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Firewall Analyzer 12.2 Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. network low complexity zohocorp CWE-434	8.8
2017-06-27	CVE-2015-7781	Permission Issues vulnerability in Zohocorp Manageengine Firewall Analyzer 7.2/7.4/7.6 ManageEngine Firewall Analyzer before 8.0 does not restrict access permissions. network low complexity zohocorp CWE-275	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.