Medium
ManageEngine OpManager could allow a remote attacker to traverse directories on the system, caused by an error when “” is used. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.
Exposure of sensitive information
ManageEngine
Upgrade to the latest version of OpManager (12.5 or later).