CVE-2014-9331

ZOHO ManageEngine Desktop Central <9 - CSRF

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-9331. PoCs published by Mohamed Idris.

AI-analyzed exploit summary: This is a CSRF exploit for ManageEngine Desktop Central 9 that adds an admin user 'Hacker' with password 'HackerPass' when an authenticated admin clicks the link. It targets versions below build 90121.

Description

Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine Desktop Central before 9 build 90130 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an addUser action to STATE_ID/1417736606982/roleMgmt.do.

Exploits (1)

exploitdb WORKING POC
by Mohamed Idris · html · webapps · multiple
https://www.exploit-db.com/exploits/35980

Classification: Working PoC 100%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: ManageEngine Desktop Central 9 (below build 90121)
Auth required
Prerequisites: Authenticated admin session · Target server IP address
devstral-2 · analyzed Feb 16, 2026

References (5)

Core References
http://www.securityfocus.com/bid/72464 (Third Party Advisory, VDB Entry · vdb-entry · x_refsource_bid)
http://www.exploit-db.com/exploits/35980 (Exploit · exploit · x_refsource_exploit-db)
http://www.securityfocus.com/archive/1/534604/100/0/threaded (Third Party Advisory, VDB Entry · mailing-list · x_refsource_bugtraq)

Scores

EPSS 0.0461
EPSS Percentile 90.5%

Details

CWE: CWE-352
Status: published
Products (1)
zohocorp/manageengine_desktop_central < 9.0
Published: Feb 04, 2015
Tracked Since: Feb 18, 2026