CVE-2021-21978 exp
CVE-2021-21978 CVE-2021-21978 RCE exp 影响版本 VMware View Planner Harness 4X 与 CVE-2021-21978 类似,该漏洞可以在未授权访问的情况下,上传任意文件,并通过修改自带 py 脚本实现远程代码执行。 值得注意的是,执行命令是在 docker 容器中,并不是直接在系统中执行。 用法: go run CVE-2021-21978go -h <
VMware View Planner 4.x before 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vmware view planner 4.6 |
||
vmware view planner |