CVE-2014-5006
Zohocorp Manageengine Desktop Central < 9.0 - Path Traversal
Title source: ruleDescription
Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter to mdm/mdmLogUploader.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/34594
References (5)
Scores
EPSS
0.5590
EPSS Percentile
98.1%
Details
CWE
CWE-22
Status
published
Products (1)
zohocorp/manageengine_desktop_central
< 9.0
Published
Oct 21, 2014
Tracked Since
Feb 18, 2026