{"vulnerability": "CVE-2022-35405", "sightings": [{"uuid": "1fc52be1-f463-4354-88b0-204cbe7426d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "MISP/0cbcc79f-9f21-49e4-b464-6bd019954888", "content": "", "creation_timestamp": "2022-09-28T14:10:40.000000Z"}, {"uuid": "633c319c-a699-4904-a8f2-d37ddcfd884a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/zoho_password_manager_pro_xml_rpc_rce.rb", "content": "", "creation_timestamp": "2022-08-02T22:05:45.000000Z"}, {"uuid": "d461ac36-1cde-481a-93ac-edc582b04d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "https://t.me/arpsyndicate/1115", "content": "#ExploitObserverAlert\n\nCVE-2022-35405\n\nDESCRIPTION: Exploit Observer has 19 entries related to CVE-2022-35405. Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)\n\nFIRST-EPSS: 0.974490000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T04:37:09.000000Z"}, {"uuid": "0c84b47d-629d-4af2-a862-77189f3392de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "exploited", "source": "https://t.me/true_secator/3463", "content": "\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u041f\u041e Zoho ManageEngine \u043d\u0430\u0447\u0438\u043d\u0430\u0435\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041f\u0440\u0438\u043e\u0431\u0440\u0435\u0442\u0435\u043d\u043d\u043e\u0435 Zoho \u0432 2014 \u0433\u043e\u0434\u0443, \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0435 \u0418\u0422-\u0440\u0435\u0448\u0435\u043d\u0438\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c, \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c\u0438 \u0442\u043e\u0447\u043a\u0430\u043c\u0438, \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u044f\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0418\u0422-\u043e\u043f\u0435\u0440\u0430\u0446\u0438\u044f\u043c\u0438.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e CVE-2022-35405\u00a0\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 9,8, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043e\u0448\u0438\u0431\u043a\u0430 RCE, \u0432\u043b\u0438\u044f\u044e\u0449\u0430\u044f \u043d\u0430 ManageEngine Password Manager Pro \u0434\u043e 12101, ManageEngine PAM360 \u0434\u043e 5510 \u0438 ManageEngine Access Manager Plus \u0434\u043e 4303.\n\n\u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0431\u0430\u0433\u0438 \u0432 ManageEngine Password Manager Pro \u0438 PAM360 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b ManageEngine Access Manager Plus, \u0434\u043e\u043b\u0436\u0435\u043d \u043f\u0440\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e.\n\n\u041d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 Zoho \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0438\u044e\u043d\u0435, PoC \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0443\u0436\u0435 \u043d\u0430\u0445\u043e\u0434\u0438\u043b \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435. \n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440, \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0432\u00a0\u0431\u043b\u043e\u0433\u0435 \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0441\u0432\u043e\u0438\u0445 \u0432\u044b\u0432\u043e\u0434\u043e\u0432.\n\n\u041f\u0440\u0438\u043d\u0438\u043c\u0430\u044f \u0432\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u0447\u0442\u043e CISA \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 CVE-2022-35405 \u0432 \u0441\u0432\u043e\u0439\u00a0\u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (KEV), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b Password Manager Pro, PAM360 \u0438 Access Manager Plus.", "creation_timestamp": "2022-09-23T20:40:05.000000Z"}, {"uuid": "4def4f56-0a01-4ec4-a312-6ae4e70db7a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "https://t.me/cibsecurity/46547", "content": "\u203c CVE-2022-35405 \u203c\n\nZoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-19T18:40:49.000000Z"}, {"uuid": "850ec003-982a-49b1-b349-97a1202499d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6516", "content": "#exploit\n1. CVE-2022-35405:\nZoho Password Manager Pro XML-RPC RCE\nhttps://xz.aliyun.com/t/11578\n\n2. CVE-2022-32832:\nPoC and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6\nhttps://github.com/Muirey03/CVE-2022-32832", "creation_timestamp": "2022-08-02T11:49:26.000000Z"}, {"uuid": "44232850-0e87-4035-9a8b-b75cc247e61b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "38deac58-f8cb-4256-a057-ce52a8432a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971717", "content": "", "creation_timestamp": "2024-12-24T20:33:11.753038Z"}, {"uuid": "c0d0207c-56df-4576-8775-7ad9bdb2164a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "95799aac-5b1d-456d-af48-50f73a0b393a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:38.000000Z"}, {"uuid": "8259aaa7-c6bf-495d-b48b-99a97b3a0a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ddf39d29-06c6-4be7-8d79-01d502591086", "content": "", "creation_timestamp": "2026-02-02T12:27:12.447542Z"}, {"uuid": "325fd043-3984-4b84-97c2-928d0dcfa0ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:47.000000Z"}, {"uuid": "3ce4fd10-57d0-48c1-925e-a1fd009d4d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ddf39d29-06c6-4be7-8d79-01d502591086", "content": "", "creation_timestamp": "2026-02-02T12:27:12.447542Z"}, {"uuid": "8698e742-2d9a-489a-914c-9bb7aff8ae58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "exploited", "source": "https://t.me/ctinow/65280", "content": "Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)\n\nhttps://ift.tt/TqJjQzx", "creation_timestamp": "2022-09-23T13:17:10.000000Z"}, {"uuid": "9bcc6536-a656-4292-a75d-4c695f8bb5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "seen", "source": "https://t.me/arpsyndicate/1915", "content": "#ExploitObserverAlert\n\nCVE-2022-35405\n\nDESCRIPTION: Exploit Observer has 19 entries related to CVE-2022-35405. Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus before 4303 with authentication.)\n\nFIRST-EPSS: 0.974500000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T04:49:06.000000Z"}, {"uuid": "e9fff883-2059-4a01-93c4-0529c56ea7a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35405", "type": "published-proof-of-concept", "source": "Telegram/4-fw1SMsqhXTA-suR6s8dMle__6UIwsg7gau1uudjK1rn3k", "content": "", "creation_timestamp": "2022-10-23T06:42:05.000000Z"}]}