CVE-2014-5006

ManageEngine Desktop Central < 9.0 - Remote Code Execution via File Upload Path Traversal

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-5006. PoCs published by Metasploit.

AI-analyzed exploit summary: This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine Desktop Central (CVE-2014-5005), allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution as SYSTEM.

Description

Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (dot dot) in the fileName parameter to mdm/mdmLogUploader.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/34594

This Metasploit module exploits an arbitrary file upload vulnerability in ManageEngine Desktop Central (CVE-2014-5005), allowing unauthenticated attackers to upload a JSP file to the web root and achieve remote code execution as SYSTEM.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine Desktop Central v7 to v9 build 90054
No auth needed
Prerequisites: Network access to the target server on port 8020 · Target running a vulnerable version of ManageEngine Desktop Central
devstral-2 · analyzed Feb 16, 2026
exploitdb WRITEUP
webapps · jsp
https://www.exploit-db.com/exploits/34518

The document provides a detailed technical analysis of multiple unauthenticated arbitrary file upload vulnerabilities in ManageEngine Desktop Central, leading to remote code execution as SYSTEM. It includes specific HTTP request formats, affected versions, and patch information for CVE-2014-5005, CVE-2014-5006, and CVE-2014-5007.

Classification: Writeup 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: ManageEngine Desktop Central v7 to v9 build 90054
No auth needed
Prerequisites: Network access to the target server
devstral-2 · analyzed Feb 19, 2026

References (5)

Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Aug/88
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/34594
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/110644

Scores

EPSS: 0.2508
EPSS Percentile: 97.6%

Details

CWE: CWE-22
Status: published
Products (1): zohocorp/manageengine_desktop_central < 9.0
Published: Oct 21, 2014
Tracked Since: Feb 18, 2026