CVE-2020-12116

HIGH NUCLEI

Zoho ManageEngine OpManager - Arbitrary File Read

Title source: nuclei

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-12116. PoCs published by BeetleChunks. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository contains a functional Python exploit for CVE-2020-12116, an unauthenticated arbitrary file read vulnerability in ManageEngine OpManager. The exploit leverages a directory traversal flaw in cached JavaScript URLs to exfiltrate sensitive files.

Description

Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request.

Exploits (1)

nomisec WORKING POC 32 stars
by BeetleChunks · poc
https://github.com/BeetleChunks/CVE-2020-12116

Classification: Working PoC 100%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: ManageEngine OpManager (versions up to 125116)
No auth needed
Prerequisites: Network access to the target's OpManager web interface (default port 8060)
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

Zoho ManageEngine OpManager - Arbitrary File Read
HIGH · by dwisiswant0
Shodan: http.title:"opmanager plus"
FOFA: title="opmanager plus"

Scores

CVSS v3 7.5
EPSS 0.9742
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE CWE-22
Status published
Products (1)
zohocorp/manageengine_opmanager 12.4 (50 CPE variants)
Published May 07, 2020
Tracked Since Feb 18, 2026