Direct Inward Dialing: +1 408 916 9393
|CVE ID||CVE- 2023-39912|
|Affected software versions||Build 7202 and older|
|Fixed version||Build 7203|
|Fixed on||July 30, 2023|
ADManager Plus builds 7202 and older are reported to have a file disclosure vulnerability where ADManager Plus Help Desk Technician can read arbitrary files on the machine where ADManager Plus is installed. This has been fixed in the build 7203 and it's release notes can be found here.
Built-in admin can read the arbitrary files on the machine in which ADManager Plus is installed.
Update your ADManager Plus instance to its latest build by installing the service pack.
This vulnerability was discovered by Son Nguyen from VNG Security while working with Trend Micro Zero Day Initiative.
Select a language to translate the contents of this web page:
Fill this form, and we'll contact you rightaway.
Our technical support team will get in touch with you at the earliest."