Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RCE
Zoho
Manageengine Log360
NVD
CVSS 3.1
9.8
EPSS
4.6%
Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RCE
Zoho
File Upload
Manageengine Log360
NVD
CVSS 3.1
9.8
EPSS
7.0%