CVE-2021-22054 PoC — Vmware Workspace One 代码问题漏洞

Source

https://github.com/MKSx/CVE-2021-22054

Associated Vulnerability

Title:Vmware Workspace One 代码问题漏洞 (CVE-2021-22054)
Description:Vmware Vmware Workspace One是美国Vmware公司的一个用于支持跨设备应用于快速交付、管理应用程序的平台。该平台包含VMware Horizon 和 VMware Horizon Cloud，将访问控制、应用程序管理和多平台端点管理集成到一个平台中，可高效管理多个设备。 VMware Workspace ONE UEM 存在代码问题漏洞，该漏洞源于VMware Workspace ONE UEM控制台20.0.8之前的20.0.8.37、20.11.0之前的20.11.0.40、

Description

Generate SSRF payloads

Readme

# CVE-2021-22054
Generate SSRF payloads

#### References
https://blog.assetnote.io/2022/04/27/advisory-vmware-workspace-one-uem/

https://blog.assetnote.io/2022/04/27/vmware-workspace-one-uem-ssrf/

#### Examples
```bash

# generate POC
python3 ssrf.py --url https://target.com --url https://example.com --airwatch
python3 ssrf.py --url https://target.com --url https://example.com

# generate PPOC and send request
python3 ssrf.py --url https://target.com --url https://example.com --airwatch --request --proxy http://127.0.0.1:8080
python3 ssrf.py --url https://target.com --url https://example.com --airwatch --request --method POST --data '{"a":1}' -H 'Content-Type: application/json" --debug-headers
```

![image](https://user-images.githubusercontent.com/17793927/171933588-1b8d92f4-c751-40ca-a6bc-ad2102022bcf.png)

![image](https://user-images.githubusercontent.com/17793927/171933638-a0be0782-32cc-41db-b892-b49a9adcd574.png)

File Snapshot


 [4.0K]  /data/pocs/1d450137c9a67a7d3e65980349d1c344873c0cf3
├── [ 935]  README.md
├── [  38]  requirements.txt
└── [7.6K]  ssrf.py

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!