2019-08-16 02:44:19
mitre
PUBLISHED
An issue was discovered in Zoho ManageEngine OpManager in builds before 14310. One can bypass the user password requirement and execute commands on the server. The "username+@opm string is used for the password. For example, if the username is admin, the password is admin@opm.