CVE-2018-7890

CVE: CVE-2018-7890
Published: 2018-03-08T22:29Z
Description Language: en
Description: A remote code execution issue was discovered in Zoho ManageEngine Applications Manager 13.5. The publicly accessible testCredential.do endpoint takes multiple user inputs and validates supplied credentials by accessing a specified system. This endpoint calls several internal classes, and then executes a PowerShell script. If the specified system is OfficeSharePointServer, then the username and password parameters to this script are not validated, leading to Command Injection.
References:
https://github.com/rapid7/metasploit-framework/pull/9684

Advisory | ManageEngine Applications Manager Remote Code Execution and SQLi