漏洞描述
VMware Tools是美国威睿(VMware)公司的一款VMWare虚拟机自带的增强工具,它是VMware提供的用于增强虚拟显卡和硬盘性能、以及同步虚拟机与主机时钟的驱动程序。 VMware Tools存在安全漏洞,该漏洞源于无法验证主机到客户的操作,从而影响客户虚拟机的机密性和完整性。
VMware ESXi vmware-tools 存在远程命令执行漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2018-6961: VMware NSX SD-WAN Edge - Command Injection
- (CVE-2025-13788)Chanjet CRM /tools/upgradeattribute.php gblOrgID参数SQL注入漏洞
- (CVE-2025-41252) VMware NSX未认证的用户名枚举漏洞
- (CVE-2025-41246) VMware Tools for Windows授权不当漏洞
- (CVE-2025-41250)VMware vCenter SMTP头部注入漏洞
- CVE-2023-20888: VMware Aria Operations for Networks - Remote Code Execution
- POC 申瓯通信 SOC1000-UC PBX设备 /admin/modules/socnetwork/views/socnetwork_debugtools_handle.php 命令执行漏洞
- (CVE-2025-54782) Nest框架@nestjs/devtools-integration包远程代码执行漏洞
- POC CVE-2021-21972: VMware vSphere Client (HTML5) - Remote Code Execution
- POC CVE-2021-21973: VMware vSphere - Server-Side Request Forgery
- POC CVE-2021-21978: VMware View Planner <4.6 SP1- Remote Code Execution
- POC CVE-2021-21985: VMware vSphere Client (HTML5) - Remote Code Execution
- POC CVE-2021-22005: VMware vCenter Server - Arbitrary File Upload