Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | Aria Operations for Networks (Formerly vRealize Network Insight) | Aria Operations for Networks (Formerly vRealize Network Insight) 6.x | - |
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887) | https://github.com/sinsinology/CVE-2023-20887 | POC Details |
| 2 | VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887) | https://github.com/miko550/CVE-2023-20887 | POC Details |
| 3 | VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887) | https://github.com/Malwareman007/CVE-2023-20887 | POC Details |
| 4 | VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. The RPC interface is protected by a reverse proxy which can be bypassed. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. A malicious actor can get remote code execution in the context of 'root' on the appliance. VMWare 6.x version are vulnerable. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-20887.yaml | POC Details |
No public POC found.
Login to generate AI POCNo comments yet