Intrusion Prevention



This indicates an attack attempt against an Path Traversal vulnerability in ManageEngine ServiceDesk Plus, AssetExplorer, SupportCenter and
The vulnerability is due to insufficient sanitizing of user supplied inputs when handling a crafted HTTP packet. It allows a remote attacker to execute malicious code against affected machine via crafted requests.

Affected Products

ManageEngine AssetExplorer 6.1 and prior
ManageEngine IT360 10.4 and prior
ManageEngine ServiceDesk Plus prior to 9.0 build 9031
ManageEngine SupportCenter 7.9 and prior


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the latest update from the vendor

CVE References