ZOHO ManageEngine ServiceDesk Plus (SDP), an ITIL-based IT service management software from ZOHO, is vulnerable to an input validation error in versions prior to ZOHO ManageEngine ServiceDesk Plus (SDP) 11205, which could be exploited by an attacker to execute arbitrary commands with SYSTEM privileges. The vulnerability can be exploited to execute arbitrary commands using SYSTEM privileges.