Exploitation Summary
EIP tracks 1 public exploit for CVE-2020-10816. PoCs published by eLeN3Re.
AI-analyzed exploit summary The repository lacks actual exploit code and instead references an external PDF for technical details, which is a common tactic in suspicious repos. The README provides minimal technical information and no functional PoC.
Description
Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated attacker to register managed servers via AAMRequestProcessor servlet.
Exploits (1)
gitlab
SUSPICIOUS
by eLeN3Re · poc
https://gitlab.com/eLeN3Re/CVE-2020-10816
The repository lacks actual exploit code and instead references an external PDF for technical details, which is a common tactic in suspicious repos. The README provides minimal technical information and no functional PoC.
Classification
Suspicious 90%
Attack Type
Auth Bypass
Complexity
Theoretical
Reliability
Theoretical
Target:
Zoho ManageEngine Applications Manager 14780 and before
No auth needed
Prerequisites:
network access to target
devstral-2 · analyzed Feb 23, 2026
Full analysis →
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.manageengine.com/au/products/applications_manager/security-updates/security-updates-cve-2020-10816.html
Third Party Advisory x_refsource_misc
https://gitlab.com/eLeN3Re/CVE-2020-10816
Scores
CVSS v3
7.5
EPSS
0.0479
EPSS Percentile
90.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-287
Status
published
Products (1)
zohocorp/manageengine_applications_manager
14.7 (10 CPE variants)
Published
Oct 08, 2020
Tracked Since
Feb 18, 2026