Description
Zohocorp ManageEngine ADManager Plus versions below 7230 are vulnerable to Path Traversal in the User Management module
Published: 2026-01-13
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 29 Jan 2026 19:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7200:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7201:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7202:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7203:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7210:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7211:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7212:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7220:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7221:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7222:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7223:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7224:*:*:*:*:*:*

Tue, 13 Jan 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 13 Jan 2026 13:45:00 +0000

Type Values Removed Values Added
Description Zohocorp ManageEngine ADManager Plus versions below 7230 are vulnerable to Path Traversal in the User Management module
Title Path Traversal
First Time appeared Zohocorp
Zohocorp manageengine Admanager Plus
Weaknesses CWE-22
CPEs cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:windows:*:*:*:*:*
Vendors & Products Zohocorp
Zohocorp manageengine Admanager Plus
References
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L'}

Subscriptions

Zohocorp Manageengine Admanager Plus
cve-icon MITRE

Status: PUBLISHED

Assigner: Zohocorp

Published:

Updated: 2026-01-13T14:01:24.898Z

Reserved: 2025-08-25T12:33:30.202Z

Link: CVE-2025-9435

cve-icon Vulnrichment

Updated: 2026-01-13T14:01:18.084Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-13T14:16:37.907

Modified: 2026-01-29T19:10:59.800

Link: CVE-2025-9435

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses