CVE-2021-44077

CRITICAL KEV NUCLEI

ManageEngine ServiceDesk Plus CVE-2021-44077

Title source: metasploit

Description

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.

Exploits (3)

nomisec WORKING POC 35 stars

by horizon3ai · remote

https://github.com/horizon3ai/CVE-2021-44077

View Code ZIP pw:eip

nomisec WORKING POC 2 stars

by pizza-power · remote

https://github.com/pizza-power/Golang-CVE-2021-44077-POC

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by wvu, Y4er · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/manageengine_servicedesk_plus_cve_2021_44077.rb

View Code ZIP pw:eip

Nuclei Templates (1)

Zoho ManageEngine ServiceDesk Plus - Remote Code Execution

CRITICALby Adam Crosser,gy741

Shodan: http.title:"manageengine servicedesk plus"

FOFA: title="manageengine servicedesk plus"

References (6)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/165400/ManageEngine-ServiceDesk-Plus-Remote-Code-Execution.html

[Patch, Vendor Advisory] https://pitstop.manageengine.com/portal/en/community/topic/security-advisory-authentication-bypass-vulnerability-in-servicedesk-plus-versions-11138-and-above

[Vendor Advisory] https://pitstop.manageengine.com/portal/en/community/topic/security-advisory-for-cve-2021-44077-unauthenticated-rce-vulnerability-in-servicedesk-plus-msp-versions-10527-till-10529

[Vendor Advisory] https://pitstop.manageengine.com/portal/en/community/topic/security-advisory-for-cve-2021-44077-unauthenticated-rce-vulnerability-in-servicedesk-plus-versions-up-to-11305-22-11-2021

[Vendor Advisory] https://pitstop.manageengine.com/portal/en/community/topic/security-advisory-for-cve-2021-44077-unauthenticated-rce-vulnerability-in-supportcenter-plus-versions-11012-and-11013

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44077

Scores

CVSS v3 9.8

EPSS 0.9430

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-12-01

VulnCheck KEV 2021-12-01

InTheWild.io 2021-12-01

ENISA EUVD EUVD-2021-30936

CWE

CWE-306

Status published

Products (5)

zohocorp/manageengine_servicedesk_plus 11.1 11138 (8 CPE variants)

zohocorp/manageengine_servicedesk_plus 11.2 11200 (12 CPE variants)

zohocorp/manageengine_servicedesk_plus 11.3 11300 (6 CPE variants)

zohocorp/manageengine_servicedesk_plus < 11.1

zohocorp/manageengine_servicedesk_plus_msp 10.5 10500 (23 CPE variants)

Published Nov 29, 2021

KEV Added Dec 01, 2021

Tracked Since Feb 18, 2026