ManageEngine OpManager Remote Directory Deletion (CVE-2021-20078) This is an unauthenticated path traversal remote directory deletion vulnerability in ManageEngine OpManager build 125346. The flaw exists in the Spark Gateway component in ManageEngine OpManager due to improper validation of user-supplied data prior to a directory deletion operation: