CVE-2023-20887 PoC — VMware Aria Operations 命令注入漏洞

Source

https://github.com/miko550/CVE-2023-20887

Associated Vulnerability

Title:VMware Aria Operations 命令注入漏洞 (CVE-2023-20887)
Description:Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.

Description

VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)

Readme

# CVE-2023-20887 Exploit
VMWare vRealize Network Insight Pre-Authenticated RCE (CVE-2023-20887)

# Usage
```shell
usage: exploit.py [-h] -t TARGET [-l LOCALHOST] [-p LOCALPORT]

optional arguments:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        Target url, http://localhost:9000
  -l LOCALHOST, --localhost LOCALHOST
                        Local IP address for reverse shell
  -p LOCALPORT, --localport LOCALPORT
                        Local port for reverse shell
```

# Reference
https://github.com/sinsinology/CVE-2023-20887

File Snapshot


 [4.0K]  /data/pocs/7292e7f41d766678c60a4fbc0e7ba07104b06e6f
├── [2.4K]  exploit.py
├── [ 592]  README.md
└── [   9]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!