admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 18:52:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

add CVE-2021-21978

Browse Source
This commit is contained in:
Go0p 2021-03-16 16:14:50 +08:00
parent b6dc4f8d8b
commit dd52a743ee
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
VMware/CVE-2021-21978/README.md Normal file
View File

@ -0,0 +1,11 @@
# VMware View Planner RCE (CVE-2021-21978)
Description": "VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container.
**Affected version**: VMware
**[FOFA](https://fofa.so/result?q=app%3D%22VMware-vCenter%22+%7C%7C+app%3D%22VMware-VirtualCenter%22&qbase64=YXBwPSJWTXdhcmUtdkNlbnRlciIgfHwgYXBwPSJWTXdhcmUtVmlydHVhbENlbnRlciI%3D&file=&file=) query rule**: title=\"Viewplanner"
# Demo
![](VMware_View_Planner_RCE(CVE-2021-21978).gif)

BIN
VMware/CVE-2021-21978/VMware_View_Planner_RCE(CVE-2021-21978).gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.0 MiB