Skip to content

yaunsky/CVE-2021-21972

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
CVE-2021-21972.py
CVE-2021-21972.py
 
 
README.md
README.md
 
 
url.txt
url.txt
 
 

Repository files navigation

CVE-2021-21972

漏洞描述

cve-2021-21972代码执行漏洞

具有443端口访问权限的恶意攻击者可以通过向vCenter Server发送精心构造的请求,最终造成远程任意代码执行。

漏洞检测

1、漏洞为任意文件上传

2、漏洞存在的接口为

/ui/vropspluginui/rest/services/uploadova

完整路径

https://domain.com/ui/vropspluginui/rest/services/uploadova

修复建议

- vCenter Server7.0版本升级到7.0.U1c

- vCenter Server6.7版本升级到6.7.U3l

- vCenter Server6.5版本升级到6.5 U3n

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

7 stars

Watchers

2 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages