CVE advisoryKnown Exploit
CVE-2019-8394
ManageEngine ServiceDesk Plus File Upload Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability exists in Zoho ManageEngine ServiceDesk Plus allowing remote attackers to upload arbitrary files via the login page. This could lead to unauthorized access to or modification of affected systems, posing a significant business risk.