CVE-2018-5353

CRITICAL

Zoho ManageEngine ADSelfService Plus <5.5.5517 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-5353. PoCs published by missing0x00.

AI-analyzed exploit summary This repository provides a detailed writeup and proof-of-concept for CVE-2018-5353, a privilege escalation/RCE vulnerability in Zoho ManageEngine ADSelfServicePlus. The exploit leverages spoofing attacks to redirect traffic and execute arbitrary code in the context of WinLogon.exe.

Description

The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP. Additionally, if the web server has a misconfigured certificate then no spoofing attack is required

Exploits (1)

nomisec WRITEUP

by missing0x00 · poc

https://github.com/missing0x00/CVE-2018-5353

View Code ZIP pw:eip

This repository provides a detailed writeup and proof-of-concept for CVE-2018-5353, a privilege escalation/RCE vulnerability in Zoho ManageEngine ADSelfServicePlus. The exploit leverages spoofing attacks to redirect traffic and execute arbitrary code in the context of WinLogon.exe.

Classification

Writeup 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Zoho ManageEngine ADSelfServicePlus before 5.5 build 5517

No auth needed

Prerequisites: Ability to conduct spoofing attack (ARP, physical access, etc.) · Network Level Authentication not enforced for RDP exploitation · Misconfigured certificate on the target server

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1557 - Adversary-in-the-Middle

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Release Notes, Vendor Advisory x_refsource_misc

https://www.manageengine.com/products/self-service-password/release-notes.html

Vendor Advisory x_refsource_misc

http://zoho.com

Exploit, Third Party Advisory x_refsource_misc

https://github.com/missing0x00/CVE-2018-5353

Scores

CVSS v3 9.8

EPSS 0.0810

EPSS Percentile 94.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-290

Status published

Products (2)

zohocorp/manageengine_adselfservice_plus 5.5 (18 CPE variants)

zohocorp/manageengine_adselfservice_plus < 5.5

Published Sep 30, 2020

Tracked Since Feb 18, 2026