VMware vCenter Server Analytics (CEIP) Service File Upload
Posted by deepcore on October 7, 2021 – 9:05 pm
This Metasploit module exploits a file upload in VMware vCenter Server’s analytics/telemetry (CEIP) service to write a system crontab and execute shell commands as the root user. Note that CEIP must be enabled for the target to be exploitable by this module. CEIP is enabled by default.
Post a reply
You must be logged in to post a comment.