.. / CVE-2021-21973

Exploit for VMware vSphere - Server-Side Request Forgery (CVE-2021-21973)

Description:

VMware vSphere (HTML5) is susceptible to server-side request forgery due to improper validation of URLs in a vCenter Server plugin. An attacker with network access to port 443 can exploit this issue by sending a POST request to the plugin. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l, and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).

Nuclei Template

View the template here CVE-2021-21973.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-21973.yaml

References:

https://twitter.com/bytehx343/status/1486582542807420928
https://nvd.nist.gov/vuln/detail/CVE-2021-21973
https://www.vmware.com/security/advisories/VMSA-2021-0002.html
https://twitter.com/osama_hroot/status/1365586206982082560
https://github.com/soosmile/POC

.. / CVE-2021-21973 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for VMware vSphere - Server-Side Request Forgery (CVE-2021-21973)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2021-21973