CVE-2021-21975

This repository contains a functional Go-based exploit for CVE-2021-21975 and CVE-2021-21983, targeting VMware vRealize. It chains SSRF for credential theft, file overwrite for authentication bypass, and a privilege escalation to achieve root SSH access.

This repository contains an Nmap script designed to scan for CVE-2021-21975, an SSRF vulnerability in VMware vRealize Operations Manager. The script checks for the presence of the vulnerability but does not include exploit code.

This repository contains a functional Python script that exploits CVE-2021-21975, an SSRF vulnerability in VMware vRealize Operations Manager. The script sends a crafted POST request to the '/casa/nodes/thumbprints' endpoint with a user-controlled DNS log payload to trigger the SSRF.

This repository provides a detailed technical analysis of CVE-2021-21975, an SSRF vulnerability in VMware vRealize Operations Manager. It includes step-by-step exploitation details, HTTP request examples, and references to official advisories.

The repository provides a functional proof-of-concept for CVE-2021-21975, demonstrating an SSRF vulnerability in VMware vRealize Operations Manager API. It includes detailed HTTP request examples and responses, showcasing how an attacker can exploit the vulnerability to read internal resources and potentially steal administrative credentials.

The repository lacks exploit code and only provides a YouTube link and social media references, which is typical of suspicious repos aiming to lure users to external content.

This repository contains a functional exploit for CVE-2021-21975, an SSRF vulnerability in VMware vRealize Operations Manager. The exploit sends crafted requests to vulnerable hosts, triggering SSRF to leak credentials via a collaborator server (e.g., webhook.site or Burp Collaborator).

The repository contains a functional Python script that exploits CVE-2021-21975, an SSRF vulnerability in VMware vRealize Operations Manager. The script sends a crafted POST request to the '/casa/nodes/thumbprints' endpoint with a user-controlled DNS log payload to trigger the SSRF.

The repository contains a functional exploit for CVE-2021-21975, a VMware vRealize Operations Manager SSRF vulnerability. The PoC sends a crafted request to the vulnerable endpoint to trigger an SSRF, verifying exploitation via DNS callback.

This Metasploit module exploits CVE-2021-21975 (SSRF) and CVE-2021-21983 (file write) in VMware vRealize Operations Manager to leak admin credentials and achieve remote code execution via a JSP payload.