Direct Inward Dialing: +1 408 916 9393
|CVE ID||CVE- 2023-38743|
|Affected software version||Build 7188 and older|
|Fixed version||Build 7200|
|Fixed on||June 13, 2023|
In ADManager Plus builds 7188 and older, an authenticated RCE vulnerability was reported in High Availability module. This has been fixed in the build 7200 and the release notes for it can be found here.
Authenticated users with admin privileges can run an arbitrary command on the host machine in which ADManager Plus is installed.
Update ADManager Plus instance to its latest build by installing the service pack.
This issue was reported anonymously by a user on Trend Micro's Zero Day Initiative Published Advisories website.
Select a language to translate the contents of this web page:
Fill this form, and we'll contact you rightaway.
Our technical support team will get in touch with you at the earliest."