CVE-2015-7765

ZOHO ManageEngine OpManager <11.5.11600 - Auth Bypass

Title source: llm

Description

ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a hardcoded password of "plugin" for the IntegrationUser account, which allows remote authenticated users to obtain administrator access by leveraging knowledge of this password.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotejava

https://www.exploit-db.com/exploits/38221

View Code ZIP pw:eip

References (5)

[Exploit] http://packetstormsecurity.com/files/133596/ManageEngine-OpManager-Remote-Code-Execution.html

[Mailing List] http://seclists.org/fulldisclosure/2015/Sep/66

[Exploit] http://www.rapid7.com/db/modules/exploit/windows/http/manage_engine_opmanager_rce

[Various Sources] https://support.zoho.com/portal/manageengine/helpcenter/articles/pgsql-submitquery-do-vulnerability

[Exploit] https://www.exploit-db.com/exploits/38221/

Scores

EPSS 0.8085

EPSS Percentile 99.1%

Classification

Status draft

Affected Products (1)

zohocorp/manageengine_opmanager

Timeline

Published Oct 09, 2015

Tracked Since Feb 18, 2026