← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-28810 — Actively Exploited: ManageEngine (Zoho)

Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.

CVE IDCVE-2022-28810
VendorZoho
ProductManageEngine
Vulnerability nameZoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
Date added2023-03-07
Remediation due2023-03-28
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionZoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →