CVE-2021-21978

EPSS 90.50% · P100 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-21978

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

VMware View Planner 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

VMware View Planner是美国VMware公司的一个应用软件。提供了一种可捕获部署平台的整体可扩展性以及给定桌面内每个单独的应用程序操作性能的方法。 VMware View Planner 4.x prior to 4.6 存在安全漏洞，改漏洞允许具有网络访问权的未经授权的攻击者可以上传和执行一个特别制作的文件，导致在logupload容器中远程执行代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	VMware View Planner	VMware View Planner 4.x prior to 4.6 Security Patch 1	-

II. Public POCs for CVE-2021-21978

#	POC Description	Source Link	Shenlong Link
1	CVE-2021-21978 exp	https://github.com/GreyOrder/CVE-2021-21978	POC Details
2	CVE-2021-21978 EXP	https://github.com/me1ons/CVE-2021-21978	POC Details
3	带回显版本的漏洞利用脚本	https://github.com/skytina/CVE-2021-21978	POC Details
4	VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability due to improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-21978.yaml	POC Details
5	None	https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/VMware%20View%20Planner%20%E6%9C%AA%E6%8E%88%E6%9D%83RCE%20CVE-2021-21978.md	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-21978

请登录查看更多情报信息。

Same Patch Batch · n/a · 2021-03-03 · 36 CVEs total

CVE-2021-23347	4.7 MEDIUM	Cross-site Scripting (XSS)
CVE-2020-28597		Epignosis EfrontPro 安全漏洞
CVE-2020-25647		grub2 缓冲区错误漏洞
CVE-2020-25632		grub2 资源管理错误漏洞
CVE-2021-20225		grub2 缓冲区错误漏洞
CVE-2021-20233		grub2 缓冲区错误漏洞
CVE-2020-29047		WordPress 代码问题漏洞
CVE-2021-22877		Nextcloud 访问控制错误漏洞
CVE-2021-22878		Nextcloud Server 跨站脚本漏洞
CVE-2020-8296		Nextcloud 安全漏洞
CVE-2020-27749		grub2 缓冲区错误漏洞
CVE-2020-28591		Slic3r 缓冲区错误漏洞
CVE-2020-13558		WebKitGTK 资源管理错误漏洞
CVE-2021-22681		Rockwell Automation RSLogix 500 和 Logix Designer Studio 5000 安全漏洞
CVE-2021-27839		Online Invoicing System 注入漏洞
CVE-2021-27935		AdGuard 安全漏洞
CVE-2021-27931		LumisXP 代码问题漏洞
CVE-2021-27940		openark orchestrator 跨站脚本漏洞
CVE-2021-22666		FATEK FvDesigner 缓冲区错误漏洞
CVE-2021-27923		Pillow 输入验证错误漏洞

Showing top 20 of 36 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a

V. Comments for CVE-2021-21978

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-21978

I. Basic Information for CVE-2021-21978

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2021-21978

III. Intelligence Information for CVE-2021-21978

Same Patch Batch · n/a · 2021-03-03 · 36 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-21978

Leave a comment