CVE-2023-35786

Summary

CVE-2023-35786 is a vulnerability affecting Zoho ManageEngine ADManager Plus prior to version 7183. This issue grants admin users the ability to exploit an XML External Entity (XXE) vulnerability, potentially allowing them to view sensitive files. An attacker could manipulate this bug by injecting and executing malicious XML code, leading to unauthorized data disclosure. Organizations using the affected version of ADManager Plus are advised to apply the necessary patch as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.