CVE-2021-21972

漏洞描述

cve-2021-21972代码执行漏洞

具有443端口访问权限的恶意攻击者可以通过向vCenter Server发送精心构造的请求，最终造成远程任意代码执行。

漏洞检测

1、漏洞为任意文件上传

2、漏洞存在的接口为

/ui/vropspluginui/rest/services/uploadova，

完整路径

https://domain.com/ui/vropspluginui/rest/services/uploadova

修复建议

- vCenter Server7.0版本升级到7.0.U1c

- vCenter Server6.7版本升级到6.7.U3l

- vCenter Server6.5版本升级到6.5 U3n

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
CVE-2021-21972.py		CVE-2021-21972.py
README.md		README.md
url.txt		url.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2021-21972

漏洞描述

漏洞检测

修复建议

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

CVE-2021-21972

漏洞描述

漏洞检测

修复建议

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages