VYPR

Asset Explorer Agent

by Manageengine

CVEs (3)

  • CVE-2021-20110CriJul 19, 2021
    risk 0.64cvss 9.8epss 0.07

    Due to Manage Engine Asset Explorer Agent 1.0.34 not validating HTTPS certificates, an attacker on the network can statically configure their IP address to match the Asset Explorer's Server IP address. This will allow an attacker to send a NEWSCAN request to a listening agent on…

  • CVE-2025-8309HigAug 20, 2025
    risk 0.53cvss 8.1epss 0.00

    There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp. This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions…

  • CVE-2021-20108HigJul 19, 2021
    risk 0.49cvss 7.5epss 0.03

    Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 for incoming commands over HTTPS from Manage Engine Server. The HTTPS certificates are not verified which allows any arbitrary user on the network to send commands over port 9000. While these commands may not be…