Phone Live Chat
US: +1 888 720 9500
US: +1 800 443 6694
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9393

Knowledge Base

How to mitigate the authentication bypass vulnerability in ADManager Plus?

An authentication bypass vulnerability (CVE-2021-42002) leading to a file-upload remote code execution in ManageEngine ADManager Plus has been addressed recently. This article explains the vulnerability and the steps to fix it.

What is the issue?

An authentication bypass vulnerability that could lead to a file-upload remote code execution.

Whom does it affect?

Users with ADManager Plus builds 7114 and earlier are affected.

What is the severity level of this vulnerability?

This is a critical vulnerability.

How to protect your ADManager Plus installation?

If you use ADManager Plus builds 7114 or earlier versions, please upgrade the product to the latest build by following these steps:

  1. Shut down the product.
  2. Restore from a previous backup, to undo unnecessary or unauthorized changes.
  3. Update the product to the latest build, 7117. Download the service pack from here. You can download the complete build from here.
  4. Restart ADManager Plus.


If you need additional information, face issues in performing the recommended steps, or need help in upgrading your instance to the latest build, please write to us at You can also call us at +1-312-471-2233 (toll-free).


Request Support

Need further assistance? Fill this form, and we'll contact you rightaway.

  • Name
  • Email*
  • Phone Number
  • Country
  • Problem Description
    By clicking 'Submit', you agree to processing of personal data according to the Privacy Policy.

Select a language to translate the contents of this web page:

ADManager Plus Trusted By

The one-stop solution to Active Directory Management and Reporting
Email Download Link