CVE-2022-28987

MEDIUM EXPLOITED NUCLEI

Zoho ManageEngine ADSelfService Plus <6.2.02 - Info Disclosure

Title source: llm

Description

Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login.

Nuclei Templates (1)

Zoho ManageEngine ADSelfService Plus 6121 - Username Enumeration

MEDIUMby ritikchaddha

Shodan: http.title:"ADSelfService Plus"

FOFA: title="ADSelfService Plus"

References (3)

[Exploit, Third Party Advisory] https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/adselfservice-userenum.md

[Exploit, Third Party Advisory] https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/adselfservice-userenum.py

View Exploit ZIP pw:eip

[Vendor Advisory] https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28987.html

Scores

CVSS v3 5.3

EPSS 0.1117

EPSS Percentile 93.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2026-04-01

Status published

Products (1)

zohocorp/manageengine_adselfservice_plus 6.1 6121

Published May 20, 2022

Tracked Since Feb 18, 2026