CVE-2021-21972
CRITICAL | KEV | RANSOMWARE | NUCLEI
VMware vCenter Server and Cloud Foundation - Remote Code Execution via vSphere Client Plugin
Title source: llm
Exploitation Summary
CVE-2021-21972 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021, with confirmed use in ransomware campaigns.
EIP tracks 33 public exploits from researchers including CHackA0101, Photubias, and Schira4396; among them is a Metasploit module, exploits/multi/http/vmware_vcenter_uploadova_rce.
A Nuclei detection template is also available.
AI-analyzed exploit summary: This exploit targets CVE-2021-21972, an unauthenticated RCE vulnerability in VMware vCenter Server. It uploads a malicious JSP file and a reverse shell script via a tar archive, then triggers execution to achieve remote code execution.
Description
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
Exploits (33)
This exploit targets CVE-2021-21972, an unauthenticated RCE vulnerability in VMware vCenter Server. It uploads a malicious JSP file and a reverse shell script via a tar archive, then triggers execution to achieve remote code execution.
This exploit leverages an unauthenticated file upload vulnerability in VMware vCenter Server (CVE-2021-21972) to upload malicious files, including SSH keys or JSP webshells, depending on the target version. It includes version detection and payload customization for different vCenter versions.
This repository contains a Go-based exploit tool for multiple VMware vCenter vulnerabilities, including CVE-2022-22954 (RCE), CVE-2021-21972, CVE-2021-21985, CVE-2021-22005, and Log4j (CVE-2021-44228). It supports command execution, file upload, reverse shells, and SSH key deployment.
This repository contains a functional exploit for CVE-2021-21972, a directory traversal vulnerability in VMware vCenter Server. The exploit uploads a malicious JSP file to achieve remote code execution (RCE) by leveraging the vulnerable `/ui/vropspluginui/rest/services/uploadova` endpoint.
This repository contains a functional exploit for CVE-2021-21972, a directory traversal vulnerability in VMware vCenter Server. The exploit allows unauthenticated file upload via a crafted tar archive, leading to remote code execution on both Windows and Unix targets.
This repository contains NSE scripts for detecting vulnerabilities, including CVE-2020-1350 (SIGRed) and CVE-2020-0796 (SMBGhost). The scripts are designed for safe detection and do not include exploit payloads.
The repository contains a Python script that checks for the presence of CVE-2021-21972 by sending a crafted request to the target URL and verifying the response. It does not include an exploit module for achieving RCE, as stated in the README.
This repository provides a detection script for CVE-2021-21972, a remote code execution vulnerability in VMware vCenter Server. It checks for the presence of the vulnerable endpoint '/ui/vropspluginui/rest/services/uploadova' and verifies the response for indicators of vulnerability.
This repository contains a functional exploit for CVE-2021-21972, a remote code execution vulnerability in VMware vCenter Server. The exploit leverages a directory traversal flaw in the vSphere Client (HTML5) plugin to upload a malicious tar file, enabling SSH key injection for unauthorized access.
This repository contains an Nmap script designed to detect the presence of CVE-2021-21972, a remote code execution vulnerability in VMware vCenter Server. The script scans for the vulnerability but does not include exploit code for actual exploitation.
The repository contains a PoC script written in Python using the pocsuite3 framework to detect the VMware vCenter unauthorized RCE vulnerability (CVE-2021-21972). The script checks for the presence of the vulnerability by sending HTTP requests to specific endpoints and verifying the response, but it does not include exploit code to achieve RCE.
This repository contains a functional Metasploit exploit for CVE-2021-21972, an unauthenticated file upload vulnerability in VMware vCenter Server. The exploit allows remote code execution by uploading a malicious JSP file or SSH key via a crafted tar archive.
This repository contains a functional exploit for CVE-2021-21972, a file upload vulnerability in VMware vCenter 6.5-7.0. The exploit uploads a malicious JSP file (Behinder payload) to achieve remote code execution.
The repository contains a Python script that scans for CVE-2021-21972, a VMware vCenter Server RCE vulnerability, by checking specific endpoints for characteristic responses. It does not include exploit code but verifies vulnerability presence.
This repository provides a detailed technical analysis of CVE-2021-21972, an unauthorized file upload vulnerability in VMware vCenter Server leading to RCE. It includes a breakdown of the vulnerable code in `ServicesController.class`, exploitation steps, and verification methods.
The repository contains a Python script that scans for CVE-2021-21972 by checking if the target endpoint returns a 405 status code, indicating potential vulnerability. It does not include exploit code for achieving RCE but confirms the presence of the vulnerable endpoint.
This repository provides a detailed technical analysis of CVE-2021-21972, an unauthorized file upload vulnerability in VMware vCenter Server leading to RCE. It includes vulnerability root cause analysis, affected code snippets, and exploitation steps but lacks functional exploit code.
This repository contains a functional exploit for CVE-2021-21972, a remote code execution vulnerability in VMware vCenter Server. The exploit automates the process of generating an SSH keypair, creating a malicious archive with directory traversal, and sending it to the vulnerable endpoint to achieve RCE via SSH access.
This repository contains a functional exploit for CVE-2021-21972, a directory traversal vulnerability in VMware vCenter Server. The exploit allows an unauthenticated attacker to upload arbitrary files to the server, leading to remote code execution (RCE) by placing malicious files in specific directories.
This Go-based tool scans for CVE-2021-21972 by checking if the target endpoint `/ui/vropspluginui/rest/services/uploadova` returns a 405 status code, indicating potential vulnerability. It supports multi-threading and writes vulnerable URLs to a file.
This PoC exploits CVE-2021-21972, a directory traversal vulnerability in VMware vCenter Server Appliance (VCSA) 6.7, by uploading a malicious OVA file to write an SSH authorized key to a privileged user's directory, enabling remote code execution.
The repository claims to be a scanner for CVE-2021-21972 but lacks actual exploit code or technical details. It instructs users to download and run an executable without providing source code or analysis.
This repository contains a PowerShell script that scans for VMware vCenter CVE-2021-21972 by checking for specific HTTP responses (405 for vulnerable, 401 for patched) from the `/ui/vropspluginui/rest/services/uploadova` endpoint. It does not exploit the vulnerability but detects its presence.
This repository contains a functional exploit for CVE-2021-21972, a directory traversal vulnerability in VMware vCenter Server. The exploit crafts a malicious tar file to write arbitrary files (e.g., SSH keys or JSP webshells) to sensitive locations on both Linux and Windows systems via the `/ui/vropspluginui/rest/services/uploadova` endpoint.
This repository provides a detection script for CVE-2021-21972, a remote code execution vulnerability in VMware vCenter Server. It checks for the presence of the vulnerable endpoint '/ui/vropspluginui/rest/services/uploadova' and verifies the response for indicators of vulnerability.
This repository contains an Nmap script designed to detect the presence of CVE-2021-21972, a remote code execution vulnerability in VMware vCenter Server. The script scans for the vulnerability but does not include functional exploit code.
The repository claims to exploit CVE-2021-21972 but contains no functional exploit code, instead focusing on vague 'CTT temporal resonance' concepts and external timing mechanisms. The actual vulnerability interaction is truncated, and the code appears to be a lure with buzzwords rather than a legitimate PoC.
This repository contains a functional exploit PoC for CVE-2021-21972, an unauthorized file upload vulnerability in VMware vCenter Server. The exploit leverages a directory traversal flaw in the vRealize Operations vCenter Plugin to upload arbitrary files, enabling remote code execution.
This repository contains a functional exploit for CVE-2021-21972, a directory traversal vulnerability in VMware vSphere. The PoC leverages a tarfile upload mechanism to write arbitrary files, enabling SSH key injection or JSP webshell deployment for remote code execution.
The repository contains a Python script that scans for CVE-2021-21972 by sending HTTP requests to a specific endpoint and checking for a 405 status code response. It does not include exploit code but detects potential vulnerabilities.
This repository contains a functional exploit for CVE-2021-21972, targeting VMware vCenter Server versions 6.5 to 7.0. The exploit leverages a directory traversal vulnerability to write an SSH authorized key, enabling remote code execution via SSH.
The repository contains only Python virtual environment files and dependencies (certifi, chardet) without any actual exploit code or technical details related to CVE-2021-21972.
This Metasploit module exploits an unauthenticated OVA file upload and path traversal vulnerability in VMware vCenter Server to achieve remote code execution by writing a JSP payload to a web-accessible directory.
Nuclei Templates (1)
References (5)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H