### [CVE-2021-22005](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22005)
![](https://img.shields.io/static/v1?label=Product&message=VMware%20vCenter%20Server%2C%20VMware%20Cloud%20Foundation&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=File%20upload%20vulnerability&color=brighgreen)

### Description

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.

### POC

#### Reference
- http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html
- https://www.vmware.com/security/advisories/VMSA-2021-0020.html

#### Github
- https://github.com/1ZRR4H/CVE-2021-22005
- https://github.com/20142995/pocsuite3
- https://github.com/20142995/sectool
- https://github.com/5gstudent/CVE-2021-22005-
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/CHYbeta/Vuln100Topics
- https://github.com/CHYbeta/Vuln100Topics20
- https://github.com/CrackerCat/CVE-2021-22006
- https://github.com/DarkFunct/CVE_Exploits
- https://github.com/Drakfunc/CVE_Exploits
- https://github.com/FDlucifer/firece-fish
- https://github.com/HimmelAward/Goby_POC
- https://github.com/InventorMAO/cve-2021-22005
- https://github.com/Jeromeyoung/VMWare-CVE-Check
- https://github.com/Jun-5heng/CVE-2021-22005
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/RedTeamExp/CVE-2021-22005_PoC
- https://github.com/SYRTI/POC_to_review
- https://github.com/Schira4396/VcenterKiller
- https://github.com/SofianeHamlaoui/Conti-Clear
- https://github.com/TaroballzChen/CVE-2021-22005-metasploit
- https://github.com/TheTh1nk3r/exp_hub
- https://github.com/Threekiii/Awesome-POC
- https://github.com/TiagoSergio/CVE-2021-22005
- https://github.com/Timirepo/CVE_Exploits
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/Vulnmachines/VmWare-vCenter-vulnerability
- https://github.com/W01fh4cker/VcenterKit
- https://github.com/WhooAmii/POC_to_review
- https://github.com/WingsSec/Meppo
- https://github.com/X1pe0/VMWare-CVE-Check
- https://github.com/Z0fhack/Goby_POC
- https://github.com/aneasystone/github-trending
- https://github.com/chaosec2021/EXP-POC
- https://github.com/chaosec2021/fscan-POC
- https://github.com/czz1233/fscan
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dabaibuai/dabai
- https://github.com/djytmdj/Tool_Summary
- https://github.com/guchangan1/All-Defense-Tool
- https://github.com/hanc00l/some_pocsuite
- https://github.com/izj007/wechat
- https://github.com/k0imet/CVE-POCs
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/mamba-2021/EXP-POC
- https://github.com/mamba-2021/fscan-POC
- https://github.com/manas3c/CVE-POC
- https://github.com/nday-ldgz/ZoomEye-dork
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/onewinner/VulToolsKit
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list
- https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-22005-scanning-activity
- https://github.com/r0ckysec/CVE-2021-22005
- https://github.com/r0eXpeR/supplier
- https://github.com/rwincey/CVE-2021-22005
- https://github.com/shengshengli/fscan-POC
- https://github.com/shmilylty/cve-2021-22005-exp
- https://github.com/soosmile/POC
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/tiagob0b/CVE-2021-22005
- https://github.com/timb-machine-mirrors/CVE-2021-22005
- https://github.com/timb-machine-mirrors/testanull-CVE-2021-22005.py
- https://github.com/trhacknon/Pocingit
- https://github.com/vikerup/Get-vSphereVersion
- https://github.com/viksafe/Get-vSphereVersion
- https://github.com/whoami13apt/files2
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve
- https://github.com/zhangziyang301/All-Defense-Tool