Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-22954 PoC — VMware 多款产品代码注入漏洞

Source
https://github.com/axingde/CVE-2022-22954-POC
Associated Vulnerability
Title:VMware 多款产品代码注入漏洞 (CVE-2022-22954)
Description:VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
Description
提供单个或批量URL扫描是否存在CVE-2022-22954功能
Readme
## VMware-CVE-2022-22954-POC

**声明:该POC仅供于学习专用,禁止一切违法操作,如果进行恶意破坏与本人无关!!!**

—、批量检测脚本:

用法:

```
python vm-2022-22954-POC.py url.txt
```

![image-20220412143746878](img/image-20220412143746878.png)

二、单个url检测:

```
python vm-2022-22954-POC.py http://xx.xx.xx.xx
```

![image-20220412143557105](img/image-20220412143557105.png)

脚本执行成功,若存在漏洞则会在本地生成一个succ.txt文档并存储其中
File Snapshot

 [4.0K]  /data/pocs/1ef2abe24fdea90209ad8098d5ed00f4b8b0b55d
├── [4.0K]  img
│   ├── [ 55K]  image-20220412143557105.png
│   └── [ 54K]  image-20220412143746878.png
├── [ 647]  poc-yaml-vm-CVE-2022-22954-RCE.yml
├── [ 529]  README.md
└── [2.8K]  vm-2022-22954.py

1 directory, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →