CVE-2020-28653

CRITICAL EXPLOITED NUCLEI

Zohocorp Manageengine Opmanager < 12.5 - Remote Code Execution

Title source: rule

Description

Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.

Exploits (4)

nomisec WORKING POC 1 stars

by tuo4n8 · remote

https://github.com/tuo4n8/CVE-2020-28653

View Code ZIP pw:eip

nomisec WORKING POC 1 stars

by intrigueio · remote

https://github.com/intrigueio/cve-2020-28653-poc

View Code ZIP pw:eip

nomisec WORKING POC

by mr-r3bot · remote

https://github.com/mr-r3bot/ManageEngine-CVE-2020-28653

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by Johannes Moritz, Robin Peraglie, Spencer McIntyre · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/opmanager_sumpdu_deserialization.rb

View Code ZIP pw:eip

Nuclei Templates (1)

ManageEngine OpManager SumPDU 12.1 - 12.5.232 - Java Deserialization

CRITICALby iamnoooob,pdresearch

Shodan: http.title:"opmanager plus" || http.title:"opmanager"

FOFA: title="opmanager plus" || title="opmanager"

References (3)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/164231/ManageEngine-OpManager-SumPDU-Java-Deserialization.html

[Release Notes, Vendor Advisory] https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125203

[Release Notes, Vendor Advisory] https://www.manageengine.com/network-monitoring/help/read-me-complete.html#125233

Scores

CVSS v3 9.8

EPSS 0.9300

EPSS Percentile 99.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2025-10-28

Status published

Products (1)

zohocorp/manageengine_opmanager 12.5 build125000 (50 CPE variants)

Published Feb 03, 2021

Tracked Since Feb 18, 2026