CVE-2018-12999 is a vulnerability in Zoho Corp Manageengine Desktop Central
Published on June 29, 2018

Incorrect Access Control in AgentTrayIconServlet in Zoho ManageEngine Desktop Central 10.0.255 allows attackers to delete certain files on the web server without login by sending a specially crafted request to the server with a computerName=../ substring to the /agenttrayicon URI.

NVD

Products Associated with CVE-2018-12999

Want to know whenever a new CVE is published for Zoho Corp Manageengine Desktop Central? stack.watch will email you.

Zoho Corp Manageengine Desktop Central

Exploit Probability

EPSS

9.66%

Percentile

92.77%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-12999 is a vulnerability in Zoho Corp Manageengine Desktop CentralPublished on June 29, 2018

Products Associated with CVE-2018-12999

Exploit Probability

CVE-2018-12999 is a vulnerability in Zoho Corp Manageengine Desktop Central
Published on June 29, 2018