module
VMware vCenter Server Analytics (CEIP) Service File Upload
| Disclosed |
|---|
| Sep 21, 2021 |
Disclosed
Sep 21, 2021
Description
This module exploits a file upload in VMware vCenter Server's
analytics/telemetry (CEIP) service to write a system crontab and
execute shell commands as the root user.
Note that CEIP must be enabled for the target to be exploitable by
this module. CEIP is enabled by default.
analytics/telemetry (CEIP) service to write a system crontab and
execute shell commands as the root user.
Note that CEIP must be enabled for the target to be exploitable by
this module. CEIP is enabled by default.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.