A java deserialization vulnerability and a blind XXE vulnerability allows unauthenticated remote attackers to execute system commands in Zoho ManageEngine ADAudit Plus.
CVE Link
Exploit Platform
Exploit Type
Product Name