New Release: ADManager Plus build 7111
We are happy to let you know that we have released the latest build of ADManager Plus, 7111, which includes fixes for the vulnerabilities detected recently. You can download this build right away, from here. You can update your instance using the service pack, which can be downloaded from here.
Mentioned below are the details of the latest release.
This release includes fixes for the following vulnerabilities:
Unauthenticated RCE vulnerability (CVE-2021-37539), reported by bmtd from ECQ.
OS Command injection vulnerability, reported by Thai Nguyen from ECQ.
Multiple unrestricted file upload vulnerabilities leading to RCE, reported by Nam kn Nguyen from ECQ.
Path traversal and unrestricted file upload vulnerabilities, reported by qbao from ECQ.
Account takeover vulnerability during SAML login, reported by HaYiCle from ECQ.
Multiple unrestricted file upload vulnerabilities leading to RCE, reported by Duc Nguyen from ECQ.
Unrestricted file upload leading to RCE, reported by no3g from ECQ.
If you need more information or any assistance, do let us know.
Team ADManager Plus
Toll-Free: +1 888-720-9500