ManageEngine ADAudit Plus Remote Code Execution

This Metasploit module exploits security issues in ManageEngine ADAudit Plus versions prior to 7006 that allow authenticated users to execute arbitrary code by creating a custom alert profile and leveraging its custom alert script component. The module first runs a few checks to test the provided credentials, retrieve the configured domain(s) and obtain the build number of the target ADAudit Plus server. If the credentials are valid and the target is vulnerable, the module creates an alert profile that will …

adaudit plus alert code code execution credentials domain exploits manageengine manageengine adaudit plus metasploit profile remote code remote code execution script security security issues test