What is CVE-2013-7390?

CVE-2013-7390 is a vulnerability in N/a. Published 2020-01-27.

Is CVE-2013-7390 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2013-7390

Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it v…

EPSS: 0.668 (98.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
20142995/nuclei-templates
cyb3r-w0lf/nuclei-template-collection

References

github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/htt… (x_refsource_MISC)
seclists.org/fulldisclosure/2013/Nov/130 (x_refsource_MISC)

Frequently asked questions

What is CVE-2013-7390?: CVE-2013-7390 is a vulnerability in N/a. Published 2020-01-27.
Is CVE-2013-7390 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.