VMware VCenter Server file upload

Added: 02/25/2021

Background

VMware VCenter Server is server management software for controlling VMware VSphere environments.

Problem

A vulnerability in VMware VCenter Server allows remote, unauthenticated attackers to upload files to arbitrary locations on the server, leading to command execution.

Resolution

Apply the fix referenced in VMSA-2021-0002.

References

https://www.vmware.com/security/advisories/VMSA-2021-0002.html

Limitations

Exploit works against Linux targets. The exploit attempts to upload /home/vsphere-ui/.ssh/authorized_keys to the target. This file should be manually removed after successful exploitation.

The exploit may fail if the vsphere-ui user's password has expired.

Platforms

Linux

Back to exploit index