CVE-2020-10189
Zoho ManageEngine Desktop Central File Upload Vulnerability
CVSS
—
No CVSS
EPSS
99.9%
p100
KEV
YES
Nov 3, 2021
Exploit Today
80
0-100
Published: — · Last modified: —
99.9%EPSS · 30 days99.9%
2026-06-302026-07-16
Product
Zoho / ManageEngine
Vulnerability
Zoho ManageEngine Desktop Central File Upload Vulnerability
Added to KEV
Nov 3, 2021
Remediate by
May 3, 2022
Known ransomware use
No
Summary description
Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-10189
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2022-35405—100.0%
KEV—80Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability—CVE-2022-47966—100.0%
KEV—80Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability—CVE-2021-40539—99.9%
KEV—80Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability—CVE-2022-28810—99.3%
KEV—80Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability—CVE-2019-8394—99.1%
KEV—80Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability—