CVE-2014-6034

ManageEngine OpManager 8.8-11.3, Social IT Plus 11.0, IT360 <=10.4 - Path Traversal & Arbitrary File Write


Exploitation Summary

EIP tracks 3 public exploits for CVE-2014-6034. PoCs published by Pedro Ribeiro, including Metasploit module exploits/multi/http/opmanager_socialit_file_upload.

AI-analyzed exploit summary: This Metasploit module exploits an unauthenticated file upload vulnerability in ManageEngine OpManager and Social IT via the FileCollector servlet, allowing deployment of a malicious WAR file for remote code execution.

Description

Directory traversal vulnerability in the com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector servlet in ZOHO ManageEngine OpManager 8.8 through 11.3, Social IT Plus 11.0, and IT360 10.4 and earlier allows remote attackers or remote authenticated users to write to and execute arbitrary WAR files via a .. (dot dot) in the regionID parameter.

Exploits (3)

exploitdb · WORKING POC · VERIFIED
by Pedro Ribeiro · ruby · remote · java
https://www.exploit-db.com/exploits/34867

This Metasploit module exploits an unauthenticated file upload vulnerability in ManageEngine OpManager and Social IT via the FileCollector servlet, allowing deployment of a malicious WAR file for remote code execution.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine OpManager v8.8 - v11.3, Social IT Plus 11.0
No auth needed
Prerequisites: Network access to target · Tomcat running with default or vulnerable configuration
devstral-2 · analyzed Feb 16, 2026

exploitdb · WRITEUP
webapps · multiple
https://www.exploit-db.com/exploits/43896

This is a detailed technical writeup describing multiple vulnerabilities in ManageEngine OpManager, Social IT Plus, and IT360, including remote code execution via WAR file upload, arbitrary file deletion, and blind SQL injection. It provides specific endpoints, payload formats, and affected versions.

Classification: Writeup 100%
Attack Type: RCE | SQLi | Other
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine OpManager (v8.8 to v11.4), Social IT Plus (v11.0), IT360 (v? to v10.4)
No auth needed
Prerequisites: Network access to the target application
devstral-2 · analyzed Feb 19, 2026

metasploit · WORKING POC · EXCELLENT
ruby · poc · java
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/opmanager_socialit_file_upload.rb

This Metasploit module exploits an unauthenticated file upload vulnerability in ManageEngine OpManager and Social IT via the FileCollector servlet. It uploads a malicious WAR file to achieve remote code execution on the target system.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine OpManager v8.8 - v11.3, Social IT Plus 11.0
No auth needed
Prerequisites: Network access to the target · Tomcat server running on the target
devstral-2 · analyzed Feb 16, 2026

Scores

EPSS 0.7948
EPSS Percentile 99.6%

Details

CWE: CWE-22
Status: published
Products (14)
zohocorp/manageengine_it360 < 10.4
zohocorp/manageengine_opmanager 8.8
zohocorp/manageengine_opmanager 9.0
zohocorp/manageengine_opmanager 9.1
zohocorp/manageengine_opmanager 9.2
zohocorp/manageengine_opmanager 9.4
zohocorp/manageengine_opmanager 10.0
zohocorp/manageengine_opmanager 10.1
zohocorp/manageengine_opmanager 10.2
zohocorp/manageengine_opmanager 11.0
... and 4 more
Published Dec 04, 2014
Tracked Since Feb 18, 2026