CVE-2021-22005
CRITICAL | KEV | RANSOMWARE | NUCLEI
VMware Cloud Foundation 3.0-4.0 and vCenter Server - Arbitrary File Upload via Analytics Service
Title source: llm
Exploitation Summary
CVE-2021-22005 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021, with confirmed use in ransomware campaigns.
EIP tracks 15 public exploits from researchers including shmilylty, rwincey, and TaroballzChen, among them the Metasploit module exploits/linux/http/vmware_vcenter_analytics_file_upload.
A Nuclei detection template is also available.
Description
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
Exploits (15)
This repository contains a functional exploit for CVE-2021-22005, an arbitrary file upload vulnerability in VMware vCenter Server's analytics service. The exploit leverages directory traversal and a malicious manifest to write a JSP webshell to the target system, achieving remote code execution.
This PoC exploits CVE-2021-22005, a server-side template injection vulnerability in VMware vCenter Server, to achieve remote code execution (RCE) by uploading a malicious JSP webshell. The exploit leverages the analytics service to deploy a crafted manifest that writes a webshell to the server, which is then accessible for command execution.
This repository contains functional Metasploit modules for CVE-2021-22005, an arbitrary file upload vulnerability in VMware vCenter Server. The PoC uploads a harmless JSP file, while the exploit module achieves RCE by uploading a malicious payload.
This repository contains a functional exploit for CVE-2021-22005, a VMware vCenter Server arbitrary file upload vulnerability. The Python script automates the creation of an agent and uploads a malicious manifest to achieve remote code execution via a JSP webshell.
The repository contains a Python script that scans for CVE-2021-22005 by sending a crafted HTTP POST request to a specific endpoint and checking the response status code. It does not include exploit code for achieving remote code execution or other offensive actions.
This repository contains a one-liner bash script that checks for the presence of CVE-2021-22005 in VMware vCenter by sending a crafted HTTP POST request to the vulnerable endpoint and analyzing the response code. It does not exploit the vulnerability but scans for its presence.
This repository contains functional exploit code for CVE-2021-22005, an arbitrary file upload vulnerability in VMware vCenter Server. The PoC demonstrates file upload and RCE capabilities via Metasploit modules.
The repository contains no actual exploit code but instead redirects to external links for a gist and a PoC in another repository. The README lacks technical details about the vulnerability and serves as a placeholder with minimal content.
This repository contains a Sigma rule designed to detect scanning activity for CVE-2021-22005, a vulnerability in VMware vCenter. The rule monitors for POST requests to a specific URI path associated with the vulnerability.
This PoC exploits CVE-2021-22005, a server-side template injection vulnerability in VMware vCenter Server, to achieve remote code execution (RCE) by deploying a webshell. The exploit leverages path traversal and template injection to write a malicious JSP file to the server.
The repository contains scripts to detect CVE-2021-22005 in VMware vCenter Server by sending a crafted HTTP POST request to the telemetry endpoint and checking for a 201 response. It does not exploit the vulnerability but scans for its presence.
This repository contains a functional exploit tool for multiple VMware vCenter vulnerabilities, including CVE-2021-22005. It provides command execution, file upload, and reverse shell capabilities, with specific modules for different CVEs.
This exploit leverages a directory traversal and arbitrary file write vulnerability in VMware vCenter Server to deploy a malicious JSP shell, enabling remote code execution. The script automates the creation of an agent, injection of a malicious manifest, and interaction with the deployed shell.
The repository contains a functional exploit for CVE-2021-22005, which targets VMware vCenter Server. The exploit leverages a file upload vulnerability to achieve remote code execution (RCE) by creating a malicious agent and uploading a JSP shell.
This Metasploit module exploits a file upload vulnerability in VMware vCenter Server's analytics/telemetry (CEIP) service to write a system crontab and execute shell commands as the root user. It leverages path traversal to place a malicious crontab file in /etc/cron.d/.
Nuclei Templates (1)
References (3)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H