[SB 20.09] Collective: RCEs in Zoho ADSelfService (CVE-2020-11518), Dell iDRAC (CVE-2020-5344), Paessler PRTG (CVE-2020-10374), Nexus Repository Manager (CVE-2020-10199), Zoho OpManager (CVE-2020-11527)

Due to some hiccups in our CVE/CVSS detector, we are issuing a collective SecurityBulletin to get the information out as soon as possible; analysis will follow later.


RCE in Dell iDRAC (CVE-2020-5344)

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.
  • CVSS: 9.8
  • Link
  • 110.000 IPs affected

RCE in Zoho ManageEngine ADSelfService (CVE-2020-11518)

Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.
  • CVSS: 9.8
  • Link
  • 2.000 IPs affected

RCE in Paessler PRTG (CVE-2020-10374)

A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form.
  • CVSS: 9.8
  • Link
  • 94.000 IPs affected

RCE/Java-EL-Injection in Nexus Repository Manager (CVE-2020-10199)

Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
  • CVSS: 8.8
  • Link
  • 8.500 IPs affected

Please note: although the official advisory says the vulnerability exists only post-auth, the researcher who reported the bug claims it is pre-auth. Link to: Remote Code Execution - JavaEL Injection (low privileged accounts) in Nexus Repository Manager


File Read in Zoho OpManager (CVE-2020-11527)

In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files.
  • CVSS: 7.5
  • Link
  • 1.100 IPs affected




Questions? Contact: info@zero.bs