CVE-2023-48646

Summary

CVE-2023-48646 is a newly disclosed vulnerability affecting Zoho ManageEngine's RecoveryManager Plus software. This issue enables admin users to execute arbitrary commands through manipulating proxy settings, posing a significant security risk. The vulnerability occurs in versions prior to 6070, and successful exploitation could lead to unauthorized system access and potential data breaches. Users are advised to update their RecoveryManager Plus installations as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.