The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
- http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html
- http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html
- https://github.com/0ps/pocassistdb
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/B1anda0/CVE-2021-21972
- https://github.com/ByZain/CVE-2021-21972
- https://github.com/DaveCrown/vmware-kb82374
- https://github.com/DougCarroll/CVE_2021_21972
- https://github.com/EdgeSecurityTeam/Vulnerability
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/GuayoyoCyber/CVE-2021-21972
- https://github.com/JMousqueton/Detect-CVE-2021-21972
- https://github.com/L-pin/CVE-2021-21972
- https://github.com/Ma1Dong/vcenter_rce
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NS-Sp4ce/CVE-2021-21972
- https://github.com/Osyanina/westone-CVE-2021-21972-scanner
- https://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC
- https://github.com/SexyBeast233/SecBooks
- https://github.com/SouthWind0/southwind0.github.io
- https://github.com/TaroballzChen/CVE-2021-21972
- https://github.com/Udyz/CVE-2021-21972
- https://github.com/Vulnmachines/VmWare-vCenter-vulnerability
- https://github.com/Whitehorse-rainbow/-Infiltration-summary
- https://github.com/bhassani/Recent-CVE
- https://github.com/bhdresh/SnortRules
- https://github.com/byteofjoshua/CVE-2021-21972
- https://github.com/conjojo/VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972
- https://github.com/d3sh1n/cve-2021-21972
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/githubfoam/ubuntu_sandbox
- https://github.com/gobysec/Goby
- https://github.com/haiclover/CVE-2021-21972
- https://github.com/halencarjunior/vcenter-rce-2021-21972
- https://github.com/horizon3ai/CVE-2021-21972
- https://github.com/huike007/penetration_poc
- https://github.com/itscio/LadonGo
- https://github.com/joanbono/nuclei-templates
- https://github.com/jweny/pocassistdb
- https://github.com/k8gege/LadonGo
- https://github.com/lovechinacoco/https-github.com-mai-lang-chai-Middleware-Vulnerability-detection
- https://github.com/mdisec/mdisec-twitch-yayinlari
- https://github.com/milo2012/CVE-2021-21972
- https://github.com/mstxq17/SecurityArticleLogger
- https://github.com/murataydemir/CVE-2021-21972
- https://github.com/n1sh1th/CVE-POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/password520/CVE-2021-21972
- https://github.com/password520/LadonGo
- https://github.com/pettyhacks/vSphereyeeter
- https://github.com/psc4re/NSE-scripts
- https://github.com/r0eXpeR/supplier
- https://github.com/rastidoust/Red
- https://github.com/rastidoust/rastidoust.github.io
- https://github.com/renini/CVE-2021-21972
- https://github.com/robwillisinfo/VMware_vCenter_CVE-2021-21972
- https://github.com/saucer-man/exploit
- https://github.com/stevenp322/cve-2021-21972
- https://github.com/tijldeneut/Security
- https://github.com/tom0li/collection-document
- https://github.com/tzwlhack/Vulnerability
- https://github.com/viksafe/Get-vSphereVersion
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/yaunsky/CVE-2021-21972
- https://github.com/zhzyker/vulmap