CVE-2020-3952

This repository contains a functional Python exploit for CVE-2020-3952, which leverages an LDAP authentication bypass in VMware vCenter to create a new administrative user. The exploit performs an LDAP bind with invalid credentials, adds a new user, and grants it administrator privileges.

This repository contains a functional exploit PoC for CVE-2020-3952, a remote command injection vulnerability in VMware vCenter Server. The script sends a crafted payload to establish a reverse shell on the target system.

This script checks for the presence of CVE-2020-3952 by verifying vCenter upgrade logs and version details via SSH. It does not exploit the vulnerability but confirms susceptibility based on version and upgrade history.

This repository contains a functional Python exploit for CVE-2020-3952, which leverages an LDAP authentication bypass in VMware vCenter to create a new administrative user. The exploit performs an LDAP bind with invalid credentials, adds a new user, and grants it administrator privileges.

This repository contains a functional exploit PoC for CVE-2020-3952, which targets VMware vCenter Server. The exploit checks for vulnerability by attempting to modify the 'description' attribute of the built-in Administrators group via LDAP, demonstrating the vulnerability without creating an admin user.

This Metasploit module exploits CVE-2020-3952, an information disclosure vulnerability in VMware vCenter Server's vmdir LDAP service. It performs an anonymous or authenticated LDAP bind to dump sensitive data, including password hashes, from vulnerable systems.

This exploit demonstrates an authentication bypass vulnerability in VMware vCenter Server 6.7 by manipulating LDAP packets to create a new user and add it to the Administrators group. It leverages improper access controls in upgraded vCenter instances.

This Metasploit module exploits an LDAP authentication bypass in VMware vCenter Server's vmdir service (CVE-2020-3952) to add an arbitrary administrator user. It leverages invalid credentials to bypass authentication and then adds a new user to the Administrators group.