CVEs-PoC/2021/CVE-2021-22005.md

CVE-2021-22005

Description

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.

POC

Reference

• http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html
• https://www.vmware.com/security/advisories/VMSA-2021-0020.html

Github

• https://github.com/1ZRR4H/CVE-2021-22005
• https://github.com/20142995/pocsuite3
• https://github.com/20142995/sectool
• https://github.com/5gstudent/CVE-2021-22005-
• https://github.com/ARPSyndicate/cvemon
• https://github.com/ARPSyndicate/kenzer-templates
• https://github.com/CHYbeta/Vuln100Topics
• https://github.com/CHYbeta/Vuln100Topics20
• https://github.com/CrackerCat/CVE-2021-22006
• https://github.com/DarkFunct/CVE_Exploits
• https://github.com/Drakfunc/CVE_Exploits
• https://github.com/FDlucifer/firece-fish
• https://github.com/HimmelAward/Goby_POC
• https://github.com/InventorMAO/cve-2021-22005
• https://github.com/Jeromeyoung/VMWare-CVE-Check
• https://github.com/Jun-5heng/CVE-2021-22005
• https://github.com/Mr-xn/Penetration_Testing_POC
• https://github.com/NaInSec/CVE-PoC-in-GitHub
• https://github.com/Ostorlab/KEV
• https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
• https://github.com/RedTeamExp/CVE-2021-22005_PoC
• https://github.com/SYRTI/POC_to_review
• https://github.com/Schira4396/VcenterKiller
• https://github.com/SofianeHamlaoui/Conti-Clear
• https://github.com/TaroballzChen/CVE-2021-22005-metasploit
• https://github.com/TheTh1nk3r/exp_hub
• https://github.com/Threekiii/Awesome-POC
• https://github.com/TiagoSergio/CVE-2021-22005
• https://github.com/Timirepo/CVE_Exploits
• https://github.com/Vulnmachines/VmWare-vCenter-vulnerability
• https://github.com/W01fh4cker/VcenterKit
• https://github.com/WhooAmii/POC_to_review
• https://github.com/WingsSec/Meppo
• https://github.com/X1pe0/VMWare-CVE-Check
• https://github.com/Z0fhack/Goby_POC
• https://github.com/aneasystone/github-trending
• https://github.com/chaosec2021/EXP-POC
• https://github.com/chaosec2021/fscan-POC
• https://github.com/czz1233/fscan
• https://github.com/d4n-sec/d4n-sec.github.io
• https://github.com/dabaibuai/dabai
• https://github.com/djytmdj/Tool_Summary
• https://github.com/guchangan1/All-Defense-Tool
• https://github.com/hanc00l/some_pocsuite
• https://github.com/izj007/wechat
• https://github.com/k0imet/CVE-POCs
• https://github.com/k0mi-tg/CVE-POC
• https://github.com/lions2012/Penetration_Testing_POC
• https://github.com/mamba-2021/EXP-POC
• https://github.com/mamba-2021/fscan-POC
• https://github.com/manas3c/CVE-POC
• https://github.com/nday-ldgz/ZoomEye-dork
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/pen4uin/awesome-vulnerability-research
• https://github.com/pen4uin/vulnerability-research
• https://github.com/pen4uin/vulnerability-research-list
• https://github.com/pisut4152/Sigma-Rule-for-CVE-2021-22005-scanning-activity
• https://github.com/r0ckysec/CVE-2021-22005
• https://github.com/r0eXpeR/supplier
• https://github.com/rwincey/CVE-2021-22005
• https://github.com/shengshengli/fscan-POC
• https://github.com/shmilylty/cve-2021-22005-exp
• https://github.com/soosmile/POC
• https://github.com/taielab/awesome-hacking-lists
• https://github.com/tiagob0b/CVE-2021-22005
• https://github.com/timb-machine-mirrors/CVE-2021-22005
• https://github.com/timb-machine-mirrors/testanull-CVE-2021-22005.py
• https://github.com/trhacknon/Pocingit
• https://github.com/vikerup/Get-vSphereVersion
• https://github.com/viksafe/Get-vSphereVersion
• https://github.com/whoami13apt/files2
• https://github.com/whoforget/CVE-POC
• https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
• https://github.com/xuetusummer/Penetration_Testing_POC
• https://github.com/youwizard/CVE-POC
• https://github.com/zecool/cve
• https://github.com/zhangziyang301/All-Defense-Tool