Skip to content
/ CVE-2022-35405 Public

ManageEngine PAM360, Password Manager Pro, and Access Manager Plus unauthenticated remote code execution vulnerability PoC-exploit

29 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

viniciuspereiras/CVE-2022-35405

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
CVE-2022-35405.py
CVE-2022-35405.py
 
 
README.md
README.md
 
 

Repository files navigation

CVE-2022-35405

ManageEngine PAM360 and Password Manager Pro unauthenticated remote code execution vulnerability PoC (Access Manager Plus authenticated only :)

Product Name Affected Version(s) Default port
PAM360 5.5 (5500) and below 8282
Password Manager Pro 12.1 (12100) and below 7272
Access Manager Plus (authenticated) 4.3 (4302) and below 9292

Some custom installations use port 80 or 443.

Usage:

python3 CVE-2022-33405.py -u <url> -p <port> --jar '/path/to/ysoserial.jar' -c <command payload>

About

ManageEngine PAM360, Password Manager Pro, and Access Manager Plus unauthenticated remote code execution vulnerability PoC-exploit

Topics

java exploit poc rce vulnerability cve-2022-35405

Resources

Readme
Activity

Stars

29 stars

Watchers

1 watching

Forks

11 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages