CVE-2023-38743

HIGH EXPLOITED

Zoho ManageEngine ADManager Plus < Build 7200 - Command Injection

Exploitation Summary

CVE-2023-38743 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including PetrusViet.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2023-38743, a command injection vulnerability in ManageEngine ADManager. The exploit authenticates, creates a user, and executes arbitrary commands via crafted HTTP requests.

Description

Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine.

Exploits (1)

nomisec WORKING POC 11 stars
by PetrusViet · remote-auth
https://github.com/PetrusViet/CVE-2023-38743


Classification: Working PoC 95%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: ManageEngine ADManager Plus
Auth required
Prerequisites: Valid admin credentials · Network access to the target
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3: 7.2
EPSS: 0.1163
EPSS Percentile: 95.5%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

VulnCheck KEV: 2024-07-01
Status: published
Products (1): zohocorp/manageengine_admanager_plus < 7.2
Published: Sep 11, 2023
Tracked Since: Feb 18, 2026