CVE-2021-41081

CRITICAL

Zoho ManageEngine Network Config Mgr <125465 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-41081. PoCs published by sudaiv.

AI-analyzed exploit summary This repository contains a README referencing a blog post about CVE-2021-41081, which is a vulnerability in Apache HTTP Server. The README itself does not contain exploit code but links to external technical analysis.

Description

Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a configuration search.

Exploits (1)

nomisec WRITEUP

by sudaiv · poc

https://github.com/sudaiv/CVE-2021-41081

View Code ZIP pw:eip

This repository contains a README referencing a blog post about CVE-2021-41081, which is a vulnerability in Apache HTTP Server. The README itself does not contain exploit code but links to external technical analysis.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Apache HTTP Server

No auth needed

Prerequisites: Access to the referenced blog post for technical details

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.manageengine.com/network-configuration-manager/security-updates/cve-2021-41081.html

Scores

CVSS v3 9.8

EPSS 0.6917

EPSS Percentile 99.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-89

Status published

Products (2)

zohocorp/manageengine_network_configuration_manager 12.3 build123123 (31 CPE variants)

zohocorp/manageengine_network_configuration_manager 12.5 (19 CPE variants)

Published Nov 11, 2021

Tracked Since Feb 18, 2026