From 5ef10f9e375d316dbb8f9a1bd3685962b4bb7524 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E4=B9=8B=E4=B9=8E=E8=80=85=E4=B9=9F?= <zhzyker@gmail.com>
Date: Thu, 13 Apr 2023 15:28:07 +0800
Subject: [PATCH] Create CVE-2022-35405.md

---
 CVE-2022-35405.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 CVE-2022-35405.md

diff --git a/CVE-2022-35405.md b/CVE-2022-35405.md
new file mode 100644
index 0000000..06e50c5
--- /dev/null
+++ b/CVE-2022-35405.md
@@ -0,0 +1,12 @@
+## ZOHO ManageEngine Password Manager Pro RCE (CVE-2022-35405)
+
+|   **Vulnerability**  | **ZOHO ManageEngine Password Manager Pro RCE (CVE-2022-35405)**  |
+| :----:   | :-----|
+|  **Chinese name**  | ZOHO ManageEngine Password Manager Pro 远程代码执行漏洞（CVE-2022-35405） |
+| **CVSS core**  | 9.8 |
+| **FOFA Query**  (click to view the results directly)| [banner=\"Server: PMP\" \|\| header=\"Server: PMP\" \|\| banner=\"Set-Cookie: pmpcc=\" \|\| header=\"Set-Cookie: pmpcc=\" \|\| title=\"ManageEngine Password Manager Pro\"](https://en.fofa.info/result?qbase64=YmFubmVyPSJTZXJ2ZXI6IFBNUCIgfHwgaGVhZGVyPSJTZXJ2ZXI6IFBNUCIgfHwgYmFubmVyPSJTZXQtQ29va2llOiBwbXBjYz0iIHx8IGhlYWRlcj0iU2V0LUNvb2tpZTogcG1wY2M9IiB8fCB0aXRsZT0iTWFuYWdlRW5naW5lIFBhc3N3b3JkIE1hbmFnZXIgUHJvIg%3D%3D) |
+| **Number of assets affected**  | 672 |
+| **Description**  | ZOHO ManageEngine Password Manager Pro is a password manager from the American company ZOHO. ZOHO ManageEngine Password Manager Pro versions prior to 12101 and PAM360 prior to 5510 have security vulnerabilities, attackers can execute arbitrary commands to gain server privileges. |
+| **Impact** | ZOHO ManageEngine Password Manager Pro versions prior to 12101 and PAM360 prior to 5510 have security vulnerabilities, attackers can execute arbitrary commands to gain server privileges. |
+
+![](https://s3.bmp.ovh/imgs/2023/04/12/8c05d22e66e4bd93.gif)