CVE-2025-10020 | Zoho ManageEngine ADManager Plus up to 8023 Custom Script command injection

Inserito da Angelo Barbosa | Ott 21, 2025 | CVE

A vulnerability categorized as critical has been discovered in Zoho ManageEngine ADManager Plus up to 8023. This vulnerability affects unknown code of the component Custom Script Component. Executing manipulation can lead to command injection.

The identification of this vulnerability is CVE-2025-10020. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2025-10020 | Zoho ManageEngine ADManager Plus up to 8023 Custom Script command injection

Post correlati

CVE-2024-36250 | Mattermost up to 9.5.10/9.11.2 MFA incorrect implementation of authentication algorithm

CVE-2024-4836 | Edito CMS up to 3.25 Configuration File file access

CVE-2023-50026 | Presta Monster Multi Accessories Pro Module up to 5.1.1 on PrestaShop getAccessoriesByIdProducts sql injection

CVE-2024-29211 | Ivanti Secure Access Client up to 22.7R3 Configuration File race condition