Zoho ManageEngine Password Manager Pro, PAM 360, and Access Manager Plus are susceptible to unauthenticated remote code execution via XML-RPC. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
View the template here CVE-2022-35405.yaml
References:
https://xz.aliyun.com/t/11578