CVE-2013-7390

CRITICAL

ManageEngine DesktopCentral <8.0.0 - RCE

Title source: llm

Exploitation Summary

EIP tracks 4 public exploits for CVE-2013-7390, including the Metasploit module exploits/windows/http/desktopcentral_file_upload.

AI-analyzed exploit summary: This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine DesktopCentral 8.0.0 below build 80293, allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution.

Description

Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot.

Exploits (4)

exploitdb WORKING POC
ruby · remote · windows
https://www.exploit-db.com/exploits/29812

This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine DesktopCentral 8.0.0 below build 80293, allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine DesktopCentral 8.0.0 (build < 80293)
No auth needed
Prerequisites: Network access to the target server on port 8020
devstral-2 · analyzed Feb 19, 2026

exploitdb WORKING POC
webapps · jsp
https://www.exploit-db.com/exploits/29674

The exploit demonstrates an arbitrary file upload vulnerability in ManageEngine DesktopCentral via the AgentLogUploadServlet, allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution as NT-AUTHORITY\SYSTEM.

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: ManageEngine DesktopCentral < 80293
No auth needed
Prerequisites: Network access to the DesktopCentral server on port 8020
devstral-2 · analyzed Feb 19, 2026

exploitdb WRITEUP
webapps · jsp
https://www.exploit-db.com/exploits/34518

The document provides a detailed technical analysis of multiple arbitrary file upload vulnerabilities in ManageEngine Desktop Central, leading to unauthenticated remote code execution as SYSTEM. It includes specific HTTP request formats, affected versions, and patch details for CVE-2014-5005, CVE-2014-5006, and CVE-2013-7390.

Classification: Writeup 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: ManageEngine Desktop Central (v7 to v9 build 90054)
No auth needed
Prerequisites: Network access to the target · Valid customerId for CVE-2013-7390
devstral-2 · analyzed Feb 19, 2026

metasploit WORKING POC EXCELLENT
ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/desktopcentral_file_upload.rb

This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine Desktop Central (CVE-2013-7390), allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution as SYSTEM.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: ManageEngine Desktop Central v7 to v8 build 80292
No auth needed
Prerequisites: Network access to the target server on port 8020
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Mailing List, Third Party Advisory x_refsource_misc
http://seclists.org/fulldisclosure/2013/Nov/130

Scores

CVSS v3 9.8
EPSS 0.6678
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-434
Status published
Products (1)
zohocorp/manageengine_desktop_central 7.0.0 - 8.0.0
Published Jan 27, 2020
Tracked Since Feb 18, 2026