VYPR
High severity7.5NVD Advisory· Published Nov 8, 2017· Updated Jun 17, 2026

CVE-2017-11512

CVE-2017-11512

Description

The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.