CVE-2023-20887

CRITICAL KEV NUCLEI

VMWare Aria Operations for Networks (vRealize Network Insight) pre-authenticated RCE

Title source: metasploit

Description

Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.

Exploits (4)

nomisec WORKING POC 232 stars
by sinsinology · remote
https://github.com/sinsinology/CVE-2023-20887
nomisec WORKING POC 8 stars
by Malwareman007 · remote
https://github.com/Malwareman007/CVE-2023-20887
nomisec WORKING POC 6 stars
by miko550 · remote
https://github.com/miko550/CVE-2023-20887
metasploit WORKING POC EXCELLENT
by Sina Kheirkhah, Anonymous with Trend Micro Zero Day Initiative, h00die · rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/vmware_vrni_rce_cve_2023_20887.rb

Nuclei Templates (1)

VMware VRealize Network Insight - Remote Code Execution
CRITICALVERIFIEDby sinsinology
Shodan: title:"VMware vRealize Network Insight" || http.title:"vmware vrealize network insight" || http.title:"vmware aria operations"
FOFA: title="VMware vRealize Network Insight" || title="vmware aria operations" || title="vmware vrealize network insight"

References (3)

Scores

CVSS v3 9.8
EPSS 0.9426
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-06-22
VulnCheck KEV 2023-06-20
InTheWild.io 2023-06-20
ENISA EUVD EUVD-2023-25058
CWE
CWE-77
Status published
Products (1)
vmware/aria_operations_for_networks 6.2.0 - 6.10.0
Published Jun 07, 2023
KEV Added Jun 22, 2023
Tracked Since Feb 18, 2026