CVE-2020-10859

Publication date

2020-05-05 20:16:42

Family

mitre

State

PUBLISHED

Description

Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request.