.. / CVE-2021-21978

Exploit for VMware View Planner <4.6 SP1- Remote Code Execution (CVE-2021-21978)

Description:

VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability due to improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container.

Nuclei Template

View the template here CVE-2021-21978.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-21978.yaml

References:

https://twitter.com/osama_hroot/status/1367258907601698816
https://www.vmware.com/security/advisories/VMSA-2021-0003.html
http://packetstormsecurity.com/files/161879/VMware-View-Planner-4.6-Remote-Code-Execution.html
https://github.com/HimmelAward/Goby_POC
https://nvd.nist.gov/vuln/detail/CVE-2021-21978

.. / CVE-2021-21978 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for VMware View Planner <4.6 SP1- Remote Code Execution (CVE-2021-21978)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2021-21978