CVE-2017-11346

CRITICAL

ManageEngine Desktop Central < 10.0 - Remote Code Execution via Help Desk Video Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-11346. PoCs published by Kacper Szurek.

AI-analyzed exploit summary: This Metasploit module exploits a file upload vulnerability in ManageEngine Desktop Central 10 (CVE-2017-11346) by bypassing filename validation to upload a malicious JSP file, achieving remote code execution as SYSTEM.

Description

Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos.

Exploits (1)

exploitdb WORKING POC
by Kacper Szurek · ruby · webapps · java
https://www.exploit-db.com/exploits/42358

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine Desktop Central 10 Build 100087
No auth needed
Prerequisites: Network access to the target server · ManageEngine Desktop Central 10 with vulnerable build
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Third Party Advisory · exploit · x_refsource_exploit-db
https://www.exploit-db.com/exploits/42358/

Scores

CVSS v3: 9.8
EPSS: 0.4327
EPSS Percentile: 98.6%
Attack Vector: NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-20
Status: published
Products (1): zohocorp/manageengine_desktop_central < 10.0
Published: Jul 17, 2017
Tracked Since: Feb 18, 2026