Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2021-22005

Description

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.

POC

Reference

- http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html

- https://www.vmware.com/security/advisories/VMSA-2021-0020.html

Github

- https://github.com/12442RF/Learn

- https://github.com/1ZRR4H/CVE-2021-22005

- https://github.com/20142995/nuclei-templates

- https://github.com/20142995/pocsuite3

- https://github.com/20142995/sectool

- https://github.com/24-2021/EXP-POC

- https://github.com/24-2021/fscan-POC

- https://github.com/5gstudent/CVE-2021-22005-

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/ARPSyndicate/kenzer-templates

- https://github.com/CHYbeta/Vuln100Topics

- https://github.com/CHYbeta/Vuln100Topics20

- https://github.com/CrackerCat/CVE-2021-22006

- https://github.com/DarkFunct/CVE_Exploits

- https://github.com/DarkFunct/exp_hub

- https://github.com/Drajoncr/AttackWebFrameworkTools

- https://github.com/Drakfunc/CVE_Exploits

- https://github.com/FDlucifer/firece-fish

- https://github.com/HimmelAward/Goby_POC

- https://github.com/InventorMAO/cve-2021-22005

- https://github.com/J1ezds/Vulnerability-Wiki-page

- https://github.com/Jeromeyoung/VMWare-CVE-Check

- https://github.com/Jun-5heng/CVE-2021-22005

- https://github.com/Mr-xn/Penetration_Testing_POC

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/NyxAzrael/Goby_POC

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/RedTeamExp/CVE-2021-22005_PoC

- https://github.com/SYRTI/POC_to_review

- https://github.com/Schira4396/VcenterKiller

- https://github.com/SofianeHamlaoui/Conti-Clear

- https://github.com/TaroballzChen/CVE-2021-22005-metasploit

- https://github.com/TheTh1nk3r/exp_hub

- https://github.com/Threekiii/Awesome-POC

- https://github.com/TiagoSergio/CVE-2021-22005

- https://github.com/Timirepo/CVE_Exploits

- https://github.com/TrojanAZhen/Self_Back

- https://github.com/UGF0aWVudF9aZXJv/VMWare-Pentesting

- https://github.com/Vulnmachines/VmWare-vCenter-vulnerability

- https://github.com/W01fh4cker/VcenterKit

- https://github.com/WhooAmii/POC_to_review

- https://github.com/WingsSec/Meppo

- https://github.com/X1pe0/VMWare-CVE-Check

- https://github.com/XiaomingX/awesome-poc-for-red-team

- https://github.com/Z0fhack/Goby_POC

- https://github.com/aneasystone/github-trending

- https://github.com/b1ank1108/awesome-stars

- https://github.com/chaosec2021/EXP-POC

- https://github.com/chaosec2021/fscan-POC

- https://github.com/czz1233/fscan

- https://github.com/d4n-sec/d4n-sec.github.io

- https://github.com/dabaibuai/dabai

- https://github.com/djytmdj/Tool_Summary

- https://github.com/guchangan1/All-Defense-Tool

- https://github.com/hanc00l/some_pocsuite

- https://github.com/izj007/wechat

- https://github.com/k0imet/CVE-POCs

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/lions2012/Penetration_Testing_POC

- https://github.com/mamba-2021/EXP-POC

- https://github.com/mamba-2021/fscan-POC

- https://github.com/manas3c/CVE-POC

- https://github.com/merlinepedra/AttackWebFrameworkTools-5.0

- https://github.com/merlinepedra25/AttackWebFrameworkTools-5.0

- https://github.com/nday-ldgz/ZoomEye-dork

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/onewinner/VulToolsKit

- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main

- https://github.com/peiqiF4ck/WebFrameworkTools-5.5

- https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance

- https://github.com/pen4uin/awesome-vulnerability-research

- https://github.com/pen4uin/vulnerability-research

- https://github.com/pen4uin/vulnerability-research-list

- https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-22005-scanning-activity

- https://github.com/r0ckysec/CVE-2021-22005

- https://github.com/r0eXpeR/supplier

- https://github.com/rwincey/CVE-2021-22005

- https://github.com/shengshengli/AttackWebFrameworkTools-5.0

- https://github.com/shengshengli/fscan-POC

- https://github.com/shmilylty/cve-2021-22005-exp

- https://github.com/soosmile/POC

- https://github.com/taielab/awesome-hacking-lists

- https://github.com/tiagob0b/CVE-2021-22005

- https://github.com/timb-machine-mirrors/CVE-2021-22005

- https://github.com/timb-machine-mirrors/testanull-CVE-2021-22005.py

- https://github.com/trhacknon/Pocingit

- https://github.com/vikerup/Get-vSphereVersion

- https://github.com/viksafe/Get-vSphereVersion

- https://github.com/vpxuser/Central-Management-System-Exploitation-Cheat-Sheet

- https://github.com/vpxuser/centralized-system-pentest-cheat-sheet

- https://github.com/whoami13apt/files2

- https://github.com/whoami13apt/tool-

- https://github.com/whoforget/CVE-POC

- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-

- https://github.com/xuetusummer/Penetration_Testing_POC

- https://github.com/youwizard/CVE-POC

- https://github.com/zecool/cve

- https://github.com/zhangziyang301/All-Defense-Tool

- https://github.com/zidanfanshao/vcenter_tools