CVE-2014-5005

ManageEngine Desktop Central < 9.0 - Remote Code Execution via File Upload Path Traversal


Exploitation Summary

EIP tracks 3 public exploits for CVE-2014-5005. PoCs published by Metasploit, including Metasploit module exploits/windows/http/desktopcentral_statusupdate_upload.

AI-analyzed exploit summary: This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine Desktop Central (CVE-2014-5005), allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution as SYSTEM.

Description

Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter in an LFU action to statusUpdate.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/34594

This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine Desktop Central (CVE-2014-5005), allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution as SYSTEM.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine Desktop Central v7 to v9 build 90054
No auth needed
Prerequisites: Network access to the target server on port 8020 · Target running a vulnerable version of ManageEngine Desktop Central
devstral-2 · analyzed Feb 16, 2026
exploitdb WRITEUP
webapps · jsp
https://www.exploit-db.com/exploits/34518

This is a technical writeup detailing multiple unauthenticated arbitrary file upload vulnerabilities in ManageEngine Desktop Central, leading to remote code execution as SYSTEM. It includes specific HTTP request formats, affected versions, and patch information.

Classification: Writeup 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: ManageEngine Desktop Central (v7 to v9 build 90054)
No auth needed
Prerequisites: Network access to the target · Valid JSP shell payload
devstral-2 · analyzed Feb 19, 2026
metasploit WORKING POC EXCELLENT
ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/desktopcentral_statusupdate_upload.rb

This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine Desktop Central (CVE-2014-5005), allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution as SYSTEM.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine Desktop Central v7 to v9 build 90054
No auth needed
Prerequisites: Network access to the target server · Desktop Central service running on port 8020
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Aug/88
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/110643
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/34594

Scores

EPSS 0.7785
EPSS Percentile 99.5%

Details

CWE: CWE-22
Status: published
Products (1)
zohocorp/manageengine_desktop_central < 9.0
Published Oct 21, 2014
Tracked Since Feb 18, 2026