CVE-2025-3444 – Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus LFI Vulnerability

May 22, 2025

CVE ID : CVE-2025-3444

Published : May 22, 2025, 11:15 a.m. | 52 minutes ago

Description : Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are vulnerable to authenticated Local File Inclusion (LFI) in the Admin module, where help card content is loaded.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41403 – Zohocorp ManageEngine ADAudit Plus SQL Injection

Next Article CVE-2024-25010 – Ericsson RAN Compute and Site Controller Code Injection Vulnerability

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft nags more users with Windows 10 end of life banner, says get Windows 11

Microsoft nags more users with Windows 10 end of life banner, says get Windows 11

Hate Windows 11? Windows 10’s extended updates Enroll button is slowly rolling out, says Microsoft

Firefox Web App Support Available to Test (on Windows, At Least)

CVE-2025-3444 – Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus LFI Vulnerability

CVE-2025-8208 – Spexo Addons for Elementor WordPress Stored Cross-Site Scripting

CVE-2025-9379 – “Belkin AX1800 Firmware Update Handler Remote Authentication Bypass”

CVE-2025-4151 – PHPGurukul Curfew e-Pass Management System SQL Injection Vulnerability

Awake on Lan remotely wakes up computers

CVE-2025-53029 – Oracle VirtualBox Core Confidential Data Disclosure

Chrome for Android Tests Importing Data from Other Browsers and Media Indicators for Tablets

chezmoi manages your dotfiles across multiple machines

CVE-2025-4829 – TOTOLINK A702R/A3002R/A3002RU HTTP POST Request Handler Buffer Overflow Vulnerability

Windows 11 hits 59.84% on Steam as gamers move on from Windows 10

Coder reimagines development environments to make them more ideal for AI agents

CVE-2025-3444 – Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus LFI Vulnerability

Related Posts