VMware vCenter Server Analytics (CEIP) Service File Upload

Discussion in 'News Aggregator' started by Packet Storm, 7 Oct 2021.

  1. Packet Storm

    Packet Storm Guest

    This Metasploit module exploits a file upload in VMware vCenter Server's analytics/telemetry (CEIP) service to write a system crontab and execute shell commands as the root user. Note that CEIP must be enabled for the target to be exploitable by this module. CEIP is enabled by default.

    Continue reading...

Share This Page