Skip to content
/ CVE-2024-22274 Public

CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

33 stars 10 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mbadanoiu/CVE-2024-22274

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
VMware vCenter - CVE-2024-22274.pdf
VMware vCenter - CVE-2024-22274.pdf
 
 

Repository files navigation

CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system as the "root" user.

Vendor Disclosure:

The vendor's disclosure for this vulnerability can be found here.

Requirements:

This vulnerability requires:

  • Valid credentials for user with "admin" role

Proof Of Concept:

More details and the exploitation process can be found in this PDF.

About

CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

Topics

authenticated cve remote-code-execution cves 0-day cve-2024-22274

Resources

Readme
Activity

Stars

33 stars

Watchers

2 watching

Forks

10 forks
Report repository