## https://sploitus.com/exploit?id=SAINT:25A1AE710DDC7BDF13922068FD6E1AB1
Added: 02/17/2023  


### Background

[Zoho ManageEngine ServiceDesk Plus](<https://www.manageengine.com/products/service-desk/>) is IT helpdesk software. 

### Problem

A vulnerability in an outdated Apache Santuario library in ServiceDesk Plus allows a remote, unauthenticated attacker to execute arbitrary commands by sending a specially crafted `SAMLResponse` parameter to the SAML endpoint.

### Resolution

[Upgrade](<https://www.manageengine.com/products/service-desk/on-premises/migration-sequence.html>) to ServiceDesk Plus 14004 or higher. 

### References

<https://www.manageengine.com/security/advisory/CVE/cve-2022-47966.html>  
<https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive/>  


### Limitations

The target must have been configured with SAML-based SSO at least once in the past in order to be exploitable. 

### Platforms

Windows