Hazard Lab

ManageEngine ADAudit Plus CVE-2023-50438 – Writeup

Reza
Dec 21, 2025

ADAudit Plus, a widely used auditing and compliance tool developed by ManageEngine, is vulnerable to arbitrary directory traversal and file manipulation, tracked as CVE-2023-50438. The vulnerability exposes organizations to significant risk: it can allow attackers to gain unauthorized access to sensitive files, leak data, and even compromise the entire system.

The vulnerability arises from inadequate input validation and sanitization in the search-archived-events/update-arch-index-settings endpoint of ADAudit Plus. This flaw enables authenticated attackers to manipulate the file path parameter, leading to arbitrary directory traversal and subsequent file manipulation on the server.
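The missing validation can be illustrated with an added example, which is not code from this writeup or from ManageEngine: one way a server-side handler can canonicalize a user-supplied file path and reject it unless it stays inside an allowed base directory. The function names, directory layout and sample inputs are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path


class UnsafePathError(ValueError):
    """The requested path resolves outside the allowed base directory."""


def resolve_inside(base_dir, user_path):
    """Return the canonical form of user_path, or raise if it escapes base_dir."""
    if "\x00" in user_path:
        raise UnsafePathError("NUL byte in path")
    base = Path(base_dir).resolve(strict=True)
    # Joining an absolute user_path discards base; resolve() then collapses
    # ".." segments and follows symlinks, so the check sees the real target.
    candidate = (base / user_path).resolve()
    # Compare whole path components. A string prefix test would accept a
    # sibling such as "archive_old" when the base is "archive".
    if candidate != base and base not in candidate.parents:
        raise UnsafePathError(f"{user_path!r} escapes {base}")
    return candidate


SAMPLES = [  # constructed inputs, not taken from the product
    "2023/index.dat",            # stays inside the base
    "../archive_old/index.dat",  # sibling directory sharing the base's prefix
    "2023/../../outside.txt",    # climbs above the base
    "/etc/hosts",                # absolute path replaces the base
    "link/outside.txt",          # symlink inside the base pointing out of it
]


def check_samples():
    """Build a throwaway directory tree and report which samples are accepted."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = Path(root) / "archive"
        (base / "2023").mkdir(parents=True)
        (Path(root) / "archive_old").mkdir()
        os.symlink(root, base / "link")
        for sample in SAMPLES:
            try:
                resolve_inside(base, sample)
                results[sample] = True
            except UnsafePathError:
                results[sample] = False
    return results
```

Only the first sample is accepted; each of the others resolves to a location outside the base directory and is rejected before any file operation would take place.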
