Severity: High
CVE ID: CVE-2026-12268
Affected Software Version(s): DDI Central 6.2.0 / Build 6200
Fixed Version: Build 6201
Fixed on: June 18, 2026
Details:
The ManageEngine DDI Central 6.2.0 build 6200 had a PowerShell command injection vulnerability in Windows DNS SPF/TXT record handling. This issue could allow a low-privilege authenticated user to perform remote code execution during DNS record push operations.
The vulnerability has been fixed by aligning input validation across SPF/TXT record endpoints and securing SPF/TXT record handling to prevent unsafe PowerShell command execution during Windows DNS record push operations.
Impact:
Successful exploitation of this vulnerability could result in remote code execution on a managed Windows DNS server during SPF/TXT record push operations.
Steps to upgrade:
Update your DDI Central Console and Node Agent instances to the latest build 6201 using the service pack.
Acknowledgements:
This issue was reported by C&N.