This is a POC for CVE-2021-38647 :
Send a POST request to /wsman with the content of payload.xml and only change the command with your desired one,
AS POC, only id command is executed.
Source: https://www.wiz.io/blog/omigod-critical-vulnerabilities-in-omi-azure
Follow if you like : https://twitter.com/silentgh00st