CVE-2024-37081 PoC — VMvare vCenter Server 安全漏洞

Source

https://github.com/mbadanoiu/CVE-2024-37081

Associated Vulnerability

Title:VMvare vCenter Server 安全漏洞 (CVE-2024-37081)
Description:The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.

Description

CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server

Readme

# CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server

The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.

### Vendor Disclosure:

The vendor's disclosure for this vulnerability can be found [here](https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453).

### Requirements:

This vulnerability requires:
<br/>
- Ability to run system commands as a misconfigured sudo user or group

### Proof Of Concept:

More details and the exploitation process can be found in this [PDF](https://github.com/mbadanoiu/CVE-2024-37081/blob/main/VMware%20vCenter%20-%20CVE-2024-37081.pdf).

File Snapshot


 [4.0K]  /data/pocs/038d0ae418032a9babd0d05a0509baa5bba321ff
├── [ 863]  README.md
└── [1.3M]  VMware vCenter - CVE-2024-37081.pdf

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!