Manageengine Network Configuration Manager

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-08	CVE-2023-47211	Path Traversal vulnerability in Zohocorp products A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. network low complexity zohocorp CWE-22	8.6
2023-11-15	CVE-2023-6105	Unspecified vulnerability in Zohocorp products An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. local low complexity zohocorp	5.5
2023-08-04	CVE-2023-29505	Origin Validation Error vulnerability in Zohocorp Manageengine Network Configuration Manager 12.6 An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. network low complexity zohocorp CWE-346	8.8
2022-08-29	CVE-2022-38772	Unspecified vulnerability in Zohocorp products Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP feature. network low complexity zohocorp	8.8
2022-08-10	CVE-2022-36923	Improper Handling of Exceptional Conditions vulnerability in Zohocorp products Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external APIs. network low complexity zohocorp CWE-755	7.5
2022-08-10	CVE-2022-37024	Unspecified vulnerability in Zohocorp products Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution. network low complexity zohocorp	8.8
2022-07-18	CVE-2022-35404	Improper Input Validation vulnerability in Zohocorp products ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine. network low complexity zohocorp CWE-20	8.2
2021-11-30	CVE-2021-43319	Command Injection vulnerability in Zohocorp Manageengine Network Configuration Manager Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality. network low complexity zohocorp CWE-77 critical	9.8
2021-11-11	CVE-2021-41080	SQL Injection vulnerability in Zohocorp Manageengine Network Configuration Manager 12.4/12.5 Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search. network low complexity zohocorp CWE-89 critical	9.8
2021-11-11	CVE-2021-41081	SQL Injection vulnerability in Zohocorp Manageengine Network Configuration Manager 12.4/12.5 Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search. network low complexity zohocorp CWE-89 critical	9.8