Zoho Patched Remote Code Execution Vulnerability in ManageEngine ADSelfService Plus (CVE-2022-28810)

Multiple Zoho ManageEngine ADSelfService Plus instances are vulnerable to a vulnerability that could allow an authenticated end-user to gain remote code execution on a vulnerable ADSelfService Plus. Assigned with CVE-2022-28810, the vulnerability was fixed by Zoho on April 9, 2022, but the flaw is being exploited in the wild.    CISA has added the vulnerability … Continue reading “Zoho Patched Remote Code Execution Vulnerability in ManageEngine ADSelfService Plus (CVE-2022-28810)”