This Metasploit module exploits Java unsafe reflection and SSRF in the VMware vCenter Server Virtual SAN Health Check plugin’s ProxygenController class to execute code as the vsphere-ui user. See the vendor advisory for affected and patched versions. Tested against VMware vCenter Server 6.7 Update 3m (Linux appliance

You May Also Like

CVE-2021-20090 actively exploited to target millions of IoT devices worldwide

Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090) affecting…