CVE-2014-9371 Information

Description

The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object.

Reference

http://www.zerodayinitiative.com/advisories/ZDI-14-420/