
Cloud Vulnerability DB
A community-led vulnerabilities database
Account takeover via machine account creation (CVE-2021-37424) is a high-severity vulnerability discovered in ADSelfService Plus before build 6112. The vulnerability stems from product code that removes leading whitespace from the username field, which could allow an attacker to create a machine account and potentially gain domain administrator privileges (ManageEngine Security).
The vulnerability abuses the product's behaviour of removing leading whitespace from username fields. An attacker could create a machine account with the username " Administrator" (with a leading space); once the whitespace is removed, the attacker would be logged in as the "Administrator" account, which has domain administrator privileges (ManageEngine Security).
The successful exploitation of this vulnerability could lead to domain administrator account takeover. Once compromised, an attacker can alter enrollment information saved in the product, change the domain administrator account's password, and ultimately compromise the entire Active Directory domain (ManageEngine Security).
The vulnerability was fixed in ADSelfService Plus build 6112. The fix ensures that leading and trailing whitespace characters are not stripped from provided usernames. Additionally, when text is used in LDAP search filters, leading and trailing space characters must be properly encoded (ManageEngine Security).
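As an added illustration that is not part of this report or of ManageEngine's code, the following Python models the pre-fix username handling beside the fixed behaviour the report describes (whitespace preserved, filter value escaped). The directory contents, the `directory_search` stand-in for the LDAP server and every function name here are constructed assumptions.

```python
import re

# Constructed directory: sAMAccountName -> role. The second entry is a
# machine account created by a low-privilege user whose name collides
# with the built-in Administrator once leading whitespace is stripped.
DIRECTORY = {
    "Administrator": "domain-admin",
    " Administrator": "machine-account",
}


def escape_ldap_filter_value(value: str) -> str:
    """RFC 4515 escaping for a value placed inside an LDAP search filter.
    Leading and trailing spaces are additionally encoded as \\20 so that
    no layer between the application and the directory can trim them."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in "\\*()\x00" or (ch == " " and i in (0, last)):
            out.append("\\%02x" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def build_filter(username: str) -> str:
    return "(sAMAccountName=%s)" % escape_ldap_filter_value(username)


def directory_search(ldap_filter: str):
    """Constructed stand-in for the LDAP server: exact sAMAccountName match
    after decoding RFC 4515 \\XX escapes in the filter value."""
    m = re.fullmatch(r"\(sAMAccountName=(.*)\)", ldap_filter)
    if not m:
        return None
    name = re.sub(r"\\([0-9a-fA-F]{2})",
                  lambda h: chr(int(h.group(1), 16)), m.group(1))
    return DIRECTORY.get(name)


def lookup_vulnerable(username: str):
    """Pre-6112 behaviour as described: whitespace stripped, value unescaped."""
    return directory_search("(sAMAccountName=%s)" % username.strip())


def lookup_fixed(username: str):
    """Build-6112 behaviour as described: whitespace kept, value escaped."""
    return directory_search(build_filter(username))


def has_suspicious_whitespace(username: str) -> bool:
    """Audit aid: flag account names whose trimmed form differs from the raw one."""
    return username != username.strip()
```

Running `lookup_vulnerable(" Administrator")` resolves to the domain admin, while `lookup_fixed(" Administrator")` resolves only to the machine account, which is the collision the fix removes.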
Source: This report was generated using AI