Loading
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Use CWE-306, Zohocorp vendor hub and Manageengine Servicedesk Plus product page to widen CVE-2021-44077 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2024-38869, CVE-2023-35785 and CVE-2023-26601 for nearby disclosures in the same product family.