CVE-2021-21975 PoC — VMware vRealize Operations 代码问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-21975.yaml

Associated Vulnerability

Title:VMware vRealize Operations 代码问题漏洞 (CVE-2021-21975)
Description:vmware VMware vRealize Operations是美国威睿（vmware）公司的一个应用程序。一个统一的，基于AI的平台上为私有，混合和多云环境提供自动驾驶的IT运营管理。 VMware vRealize Operations 存在安全漏洞，该漏洞源于更新地址服务器端请求伪造和任意文件写入。

Description

vRealize Operations Manager API is susceptible to server-side request forgery. A malicious actor with network access to the vRealize Operations Manager API can steal administrative credentials or trigger remote code execution using CVE-2021-21983.

File Snapshot


 id: CVE-2021-21975

info:
  name: vRealize Operations Manager API - Server-Side Request Forgery
  au

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!