← back
CVE-2020-12116

CVE-2020-12116

EPSS 97.4%
Vexday Risk Score
40Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS EPSS 97.4%KEV nãoPoC Nuclei simMetasploit Patch
Lifecycle
07 May 2020Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.manageengine.com/network-monitoring/help/read-me-complete.htmlhttps://www.manageengine.com/network-monitoring/help/read-me-complete.html#125125