Patch Zoho ManageEngine RCE Vulnerability

Proof-of-concept exploit code for a known vulnerability in Zoho ManageEngine is likely to be published this week. The pre-authentication remote code execution flaw can be exploited to take control of vulnerable systems. Zoho released updates to address the vulnerability last fall.

CVE-2022-47966 PoC exploit by Horizon3

Note

  • The vulnerability stems from a flaw in the Apache Santuario third-party plugin, which is updated in the patches released in October and November. While this flaw only exists when you have SAML/SSO enabled, you should make sure that you’re on the current version of ManageEngine regardless.

Read more in

Security advisory for remote code execution vulnerability in multiple ManageEngine products

ManageEngine CVE-2022-47966 IOCs
