This Metasploit module exploits Java unsafe reflection and SSRF in the VMware vCenter Server Virtual SAN Health Check plugin’s ProxygenController class to execute code as the vsphere-ui user. See the vendor advisory for affected and patched versions. Tested against VMware vCenter Server 6.7 Update 3m (Linux appliance
You May Also Like
GetSimple CMS 3.3.4 Information Disclosure
GetSimple CMS version 3.3.4 suffers from an information disclosure vulnerability.
- cybersecurityredflag_sdevzw
- June 2, 2021
CommScope Ruckus IoT Controller 1.7.1.0 Web Application Directory Traversal
A Python script (web.py) for a Dockerized webservice contains a directory traversal…
- cybersecurityredflag_sdevzw
- May 27, 2021
CVE-2021-20090 actively exploited to target millions of IoT devices worldwide
Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090) affecting…
- cybersecurityredflag_sdevzw
- August 7, 2021
Backdoor.Win32.XRat.d Code Execution
Backdoor.Win32.XRat.d malware suffers from a code execution vulnerability.
- cybersecurityredflag_sdevzw
- June 9, 2021