Home / exploitsPDF  

VMware vCenter Server Analytics (CEIP) Service File Upload

Posted on 07 October 2021

This Metasploit module exploits a file upload in VMware vCenter Server's analytics/telemetry (CEIP) service to write a system crontab and execute shell commands as the root user. Note that CEIP must be enabled for the target to be exploitable by this module. CEIP is enabled by default.

 

TOP