CVE

CVE-2022-28810

admin

CVE-2022-28810

Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote code execution via executable CMD.EXE input in a password field, This only occurs if a certain password sync feature is enabled that uses passwords as script arguments.

Source: CVE-2022-28810

Exit mobile version