| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1 | https://github.com/CsEnox/CVE-2021-22911 | POC详情 |
| 2 | Full unauthenticated RCE proof of concept for Rocket.Chat 3.12.1 CVE-2021-22911 | https://github.com/optionalCTF/Rocket.Chat-Automated-Account-Takeover-RCE-CVE-2021-22911 | POC详情 |
| 3 | Modifed ver of the original exploit to save some times on password reseting for unprivileged user | https://github.com/jayngng/CVE-2021-22911 | POC详情 |
| 4 | exploit for CVE-2021-22911 in rust | https://github.com/ChrisPritchard/CVE-2021-22911-rust | POC详情 |
| 5 | None | https://github.com/MrDottt/CVE-2021-22911 | POC详情 |
| 6 | None | https://github.com/overgrowncarrot1/CVE-2021-22911 | POC详情 |
| 7 | None | https://github.com/vlrhsgody/-vlrhsgody-RocketChat-CVE-2021-22911- | POC详情 |
| 8 | None | https://github.com/vlrhsgody/CVE-2021-22911 | POC详情 |
| 9 | some small changes to the code by CsEnox | https://github.com/Weisant/CVE-2021-22911-EXP | POC详情 |
| 10 | None | https://github.com/yoohhuu/Rocket-Chat-3.12.1-PoC-CVE-2021-22911- | POC详情 |
| 11 | Rocket.Chat 3.11, 3.12 and 3.13 contains a NoSQL injection vulnerability which allows unauthenticated access to an API endpoint. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected site. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-22911.yaml | POC详情 |
| 12 | None | https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Rocket%20Chat%20MongoDB%20%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E%20CVE-2021-22911.md | POC详情 |
| 13 | https://github.com/vulhub/vulhub/blob/master/rocketchat/CVE-2021-22911/README.md | POC详情 |