admin/0day
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0day/14-VMware/VMware vCenter Server RCE
History
helloexp a64ac76f8e 优化目录结构
2022-08-25 16:39:52 +08:00
..
CVE-2021-21985.nse
优化目录结构
2022-08-25 16:39:52 +08:00
README.md
优化目录结构
2022-08-25 16:39:52 +08:00

README.md

VMware vCenter Server RCE

CVE

CVE-2021-21985

使用方法

  1. 替换成自己的IP和端口
nmap -p443 --script CVE-2021-21985.nse 1.1.1.1
  1. 检测到漏洞的输入如下
-- 443/tcp open  https
-- | CVE-2021-21985:
-- |   VULNERABLE:
-- |   vCenter 6.5-7.0 RCE
-- |     State: VULNERABLE (Exploitable)
-- |     IDs:  CVE:CVE-2021-21985
-- |       The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input
-- |       validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server.
-- |     Disclosure date: 2021-05-28
-- |     References:
-- |