CVE-2025-3444 – Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus LFI Vulnerability

May 22, 2025

CVE ID : CVE-2025-3444

Published : May 22, 2025, 11:15 a.m. | 52 minutes ago

Description : Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are vulnerable to authenticated Local File Inclusion (LFI) in the Admin module, where help card content is loaded.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41403 – Zohocorp ManageEngine ADAudit Plus SQL Injection

Next Article CVE-2024-25010 – Ericsson RAN Compute and Site Controller Code Injection Vulnerability

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Xbox Game Pass gets Gears of War: Reloaded, Dragon Age: The Veilguard, and more — here’s what is coming through the rest of August

Resident Evil ‘9’ Requiem has some of the most incredible lighting I’ve seen in a game — and Capcom uses it as a weapon

CVE-2025-3444 – Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus LFI Vulnerability

Blue Locker ransomware hits critical infrastructure – is your organisation ready?

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

CVE-2025-2769 – Bdrive NetDrive OpenSSL Privilege Escalation Vulnerability

CVE-2025-46433 – JetBrains TeamCity Path Traversal Vulnerability

Microsoft Teams Up With U.S. Lab to Use AI for Faster Nuclear Permits

Sick of AI slop on Pinterest? These two new features should help bring back real pins

Your password manager is under attack, and this new threat makes it worse: How to defend yourself

China Summons Nvidia Over Alleged Backdoor Risks in AI Chips

New Relic’s GitHub Copilot integration, Snyk’s AI Trust Platform, and DataRobot’s syftr framework – SD Times Daily Digest

CVE-2025-37779 – “ERofs Linux Kernel Folio UAF Vulnerability”

CVE-2025-3444 – Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus LFI Vulnerability

Related Posts