Directory Traversal Vulnerability in ZOHO ManageEngine EventLog Analyzer
CVE-2014-6037
Key Information:
- Vendor: Zohocorp
- CVE Published: 26 October 2014
What is CVE-2014-6037?
A directory traversal vulnerability exists in the agentUpload servlet of ZOHO ManageEngine EventLog Analyzer 9.0 (build 9002) and 8.2 (build 8020). It lets remote attackers execute arbitrary code on affected systems by uploading crafted ZIP files that contain executable files with path traversal sequences in their names. Once uploaded, these files can be accessed directly through the web interface, which can lead to system compromise. The issue is addressed in a newer version of the software (Build 11072), so affected installations should be updated promptly.
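The root cause described above is trusting entry names inside an uploaded archive. The following is an added example, not code from the vendor or the product (which is a Java application): a Python sketch of the server-side check that rejects any ZIP whose entries would resolve outside the upload directory. The function names, the `/srv/app/agent_uploads` path and the sample entry names are assumptions constructed for illustration.

```python
import io
import posixpath
import zipfile

def entry_escapes(name, root):
    """True if a ZIP entry name would resolve outside root when joined to it."""
    name = name.replace("\\", "/")           # Windows separators count too
    if name.startswith("/") or (len(name) > 1 and name[1] == ":"):
        return True                           # absolute path or drive letter
    target = posixpath.normpath(posixpath.join(root, name))
    return not (target == root or target.startswith(root + "/"))

def audit_upload(zip_bytes, dest_root):
    """Return the entry names that must cause the upload to be rejected."""
    root = posixpath.normpath(dest_root)      # assumes dest_root is not "/"
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [i.filename for i in zf.infolist()
                if entry_escapes(i.filename, root)]

def extract_if_clean(zip_bytes, dest_root):
    """Extract only when every entry stays under dest_root; otherwise raise."""
    bad = audit_upload(zip_bytes, dest_root)
    if bad:
        # Reject the whole archive instead of skipping entries, and surface
        # the names so the event can be logged and alerted on.
        raise ValueError(f"rejected archive, traversal entries: {bad}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest_root)

def make_zip(names):
    """Build a constructed in-memory ZIP with the given entry names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"constructed sample data")
    return buf.getvalue()

if __name__ == "__main__":
    ROOT = "/srv/app/agent_uploads"           # hypothetical upload directory
    sample = make_zip(["logs/agent1.log",
                       "../../webroot/constructed.txt",
                       "a/../../b.txt"])
    print(audit_upload(sample, ROOT))
```

Validating the normalized target path, not just searching the name for `..`, also catches entries such as `a/../../b.txt` that only escape after normalization.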
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that a vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.