This article has been indexed from The Hacker News
Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers.
Tracked as CVE-2021-44757, the shortcoming concerns an instance of authentication bypass that “may allow an attacker to read unauthorized data or write an arbitrary zip
Read the original article: Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central