Researchers have discovered critical vulnerabilities in Zoho’s ManageEnging suite that can lead to data loss and possible remote code execution.
Researchers have found multiple critical flaws in the IT help desk software ManageEngine, made by Zoho Corp. In all, seven vulnerabilities were discovered, each allowing an attacker to ultimately take control of host servers running ManageEngine’s SaaS suite of applications.
According to researchers at Digital Defense that found the flaws, each of the bugs are application layer vulnerabilities, which reside in the web-rpc services of the affected software suites. Researchers there published a blog on Wednesday outlining their findings.
For More Details :
https://threatpost.com/multiple-critical-flaws-found-in-zohos-manageengine/129709/
