Vulnerability Database

296,760

Total vulnerabilities in the database

CVE-2020-21642

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code.

  • Published: Aug 15, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2020-21642
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

OWASP TOP 10:

Software From Fixed in
zohocorp / manageengine_analytics_plus 2.9-build2907 2.9-build2907.x
zohocorp / manageengine_analytics_plus 2.9-build2906 2.9-build2906.x
zohocorp / manageengine_analytics_plus 2.9-build2905 2.9-build2905.x
zohocorp / manageengine_analytics_plus 2.9-build2904 2.9-build2904.x
zohocorp / manageengine_analytics_plus 2.9-build2903 2.9-build2903.x
zohocorp / manageengine_analytics_plus 2.9-build2902 2.9-build2902.x
zohocorp / manageengine_analytics_plus 2.9-build2901 2.9-build2901.x
zohocorp / manageengine_analytics_plus 2.9-build2900 2.9-build2900.x
zohocorp / manageengine_analytics_plus 3.0-build3050 3.0-build3050.x
zohocorp / manageengine_analytics_plus 3.0-build3040 3.0-build3040.x
zohocorp / manageengine_analytics_plus 3.0-build3030 3.0-build3030.x
zohocorp / manageengine_analytics_plus 3.0-build3020 3.0-build3020.x
zohocorp / manageengine_analytics_plus 3.0-build3010 3.0-build3010.x
zohocorp / manageengine_analytics_plus 3.0-build3000 3.0-build3000.x
zohocorp / manageengine_analytics_plus 3.1-build3140 3.1-build3140.x
zohocorp / manageengine_analytics_plus 3.1-build3130 3.1-build3130.x
zohocorp / manageengine_analytics_plus 3.1-build3120 3.1-build3120.x
zohocorp / manageengine_analytics_plus 3.1-build3110 3.1-build3110.x
zohocorp / manageengine_analytics_plus 3.1-build3100 3.1-build3100.x
zohocorp / manageengine_analytics_plus 3.2-build3250 3.2-build3250.x
zohocorp / manageengine_analytics_plus 3.2-build3200 3.2-build3200.x
zohocorp / manageengine_analytics_plus 3.3-build3310 3.3-build3310.x
zohocorp / manageengine_analytics_plus 3.3-build3300 3.3-build3300.x
zohocorp / manageengine_analytics_plus 3.4-build3450 3.4-build3450.x
zohocorp / manageengine_analytics_plus 3.4-build3400 3.4-build3400.x
zohocorp / manageengine_analytics_plus 3.5-build3500 3.5-build3500.x
zohocorp / manageengine_analytics_plus 3.6-build3600 3.6-build3600.x
zohocorp / manageengine_analytics_plus 3.7-build3700 3.7-build3700.x
zohocorp / manageengine_analytics_plus 3.8-build3800 3.8-build3800.x
zohocorp / manageengine_analytics_plus 3.9-build3950 3.9-build3950.x
zohocorp / manageengine_analytics_plus 3.9-build3900 3.9-build3900.x
zohocorp / manageengine_analytics_plus 4.0-build4000 4.0-build4000.x
zohocorp / manageengine_analytics_plus 4.1-build4150 4.1-build4150.x
zohocorp / manageengine_analytics_plus 4.1-build4100 4.1-build4100.x
zohocorp / manageengine_analytics_plus 4.2-build4280 4.2-build4280.x
zohocorp / manageengine_analytics_plus 4.2-build4270 4.2-build4270.x
zohocorp / manageengine_analytics_plus 4.2-build4260 4.2-build4260.x
zohocorp / manageengine_analytics_plus 4.2-build4250 4.2-build4250.x
zohocorp / manageengine_analytics_plus 4.2-build4200 4.2-build4200.x
zohocorp / manageengine_analytics_plus 4.3-build4300 4.3-build4300.x
zohocorp / manageengine_analytics_plus 4.3-build4310 4.3-build4310.x