March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – ICS: Multiple Siemens Products Vulnerabilities
April 14, 2023Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
April 14, 2023Rewterz Threat Advisory – ICS: Multiple Siemens Products Vulnerabilities
April 14, 2023Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
April 14, 2023
Severity
High
Analysis Summary
CVE-2023-29084
ManageEngine ADManager Plus could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the ChangePasswordAction function. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Command Execution
Indicators Of Compromise
CVE
- CVE-2023-29084
Affected Vendors
Zoho
Affected Products
- Zoho ManageEngine ADManager Plus
Remediation
Refer to ManageEngine Web site for patch, upgrade or suggested workaround information.