CVE-2021-37762
Description
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.
Vulnerability
The vulnerability exists in Zoho ManageEngine ADManager Plus version 7110 and prior. It allows unrestricted file overwrite, enabling an attacker to overwrite arbitrary files on the server [1].
Exploitation
An attacker can exploit this by sending crafted requests to overwrite files. The exact prerequisites are not disclosed in available references, but likely require network access and possibly authentication depending on the affected endpoint.
Impact
Successful exploitation leads to remote code execution, as the attacker can overwrite critical files (e.g., configuration or executable files) to gain control of the server.
Mitigation
The issue is fixed in version 7111 [1]. Users should upgrade to version 7111 or later. No workaround is mentioned in the available references.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Zoho/ManageEngine ADManager Plusdescription
- Range: <=7110
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.manageengine.commitrex_refsource_MISC
- www.manageengine.com/products/ad-manager/release-notes.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.