CVE-2015-7765

ZOHO ManageEngine OpManager <11.5.11600 - Auth Bypass

Title source: llm

Description

ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a hardcoded password of "plugin" for the IntegrationUser account, which allows remote authenticated users to obtain administrator access by leveraging knowledge of this password.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotejava

https://www.exploit-db.com/exploits/38221

View Code ZIP pw:eip

metasploit WORKING POC MANUAL

rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/manage_engine_opmanager_rce.rb

View Code ZIP pw:eip

References (5)

[Exploit] http://packetstormsecurity.com/files/133596/ManageEngine-OpManager-Remote-Code-Execution.html

[Mailing List] http://seclists.org/fulldisclosure/2015/Sep/66

[Exploit] http://www.rapid7.com/db/modules/exploit/windows/http/manage_engine_opmanager_rce

[Various Sources] https://support.zoho.com/portal/manageengine/helpcenter/articles/pgsql-submitquery-do-vulnerability

[Exploit] https://www.exploit-db.com/exploits/38221/

Scores

EPSS 0.7770

EPSS Percentile 99.0%

Details

Status published

Products (1)

zohocorp/manageengine_opmanager 11.5

Published Oct 09, 2015

Tracked Since Feb 18, 2026