Manageengine Firewall Analyzer
Sign in to watchby Zohocorp
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-14123 | Hig | 0.58 | 8.8 | 0.04 | Sep 4, 2017 | Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the server, an attacker can cause it to execute in the server context, as demonstrated by /itplus/FileStorage/302/shell.jsp. | |
| CVE-2015-7781 | Hig | 0.49 | 7.5 | 0.07 | Jun 27, 2017 | ManageEngine Firewall Analyzer before 8.0 does not restrict access permissions. |