CVE-2020-21642 Information

Description

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code.

Reference

https://www.manageengine.com/analytics-plus/release-notes.html