module
VMware View Planner Unauthenticated Log File Upload RCE
| Disclosed |
|---|
| Mar 2, 2021 |
Disclosed
Mar 2, 2021
Description
This module exploits an unauthenticated log file upload within the
log_upload_wsgi.py file of VMWare View Planner 4.6 prior to 4.6
Security Patch 1.
Successful exploitation will result in RCE as the apache user inside
the appacheServer Docker container.
log_upload_wsgi.py file of VMWare View Planner 4.6 prior to 4.6
Security Patch 1.
Successful exploitation will result in RCE as the apache user inside
the appacheServer Docker container.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.