Vulnerability Watch

Forum Discussion

Anonymous
3 years ago

Proof-of-Concept Published for Unauthenticated RCE in Zoho ManageEngine ADAudit Plus (CVE-2022-28219)

On June 29, researchers at Horizon3.ai published a blog post about a recently disclosed vulnerability in Zoho ManageEngine ADAudit Plus, a compliance tool that monitors Active Directory.

CVE-2022-28219 is an unauthenticated RCE caused by underlying Java deserialization, blind XML external entity injection and path traversal vulnerabilities. This chain of flaws could be exploited to not only achieve RCE, but also compromise domain administrator accounts. This effect of the flaw will make it very attractive to ransomware groups and initial access brokers.

For more information, please visit our blog.
