CVE-2022-28219

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.

Link	Resource
https://manageengine.com	Vendor Advisory
https://www.manageengine.com/products/active-directory-audit/cve-2022-28219.html	Patch Vendor Advisory
https://www.horizon3.ai/red-team-blog-cve-2022-28219/	Exploit Third Party Advisory
http://cewolf.sourceforge.net/new/index.html	Product Third Party Advisory
http://packetstormsecurity.com/files/167997/ManageEngine-ADAudit-Plus-Path-Traversal-XML-Injection.html	Exploit Third Party Advisory

Configuration 1

cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7002:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7003:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7004:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7005:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7000:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:*:*:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7006:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7007:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7008:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7050:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7051:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7052:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7053:*:*:*:*:*:* cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.0:7054:*:*:*:*:*:*

---

Published : 2022-04-05 07:15

Updated : 2022-10-26 02:30

---

NVD link : CVE-2022-28219

Mitre link : CVE-2022-28219

Manageengine Adaudit Plus

Zohocorp

CWE-611

Improper Restriction of XML External Entity Reference