Full title: Zoho Password Manager Pro XML-RPC Java Deserialization Exploit Category: remote exploits Platform: windows This Metasploit module exploits a Java deserialization vulnerability in Zoho ManageEngine Pro before 12101 and PAM360 before 5510. Unauthenticated attackers can send a crafted XML-RPC request containing malicious serialized data to /xmlrpc to gain remote command execution as the SYSTEM user. # 0day.today @ http://0day.today/