漏洞描述
VMware Tools是美国威睿(VMware)公司的一款VMWare虚拟机自带的增强工具,它是VMware提供的用于增强虚拟显卡和硬盘性能、以及同步虚拟机与主机时钟的驱动程序。 VMware Tools存在安全漏洞,该漏洞源于无法验证主机到客户的操作,从而影响客户虚拟机的机密性和完整性。
VMware ESXi vmware-tools 存在远程命令执行漏洞
PoC代码
暂无相关漏洞推荐
- CVE-2023-20888: VMware Aria Operations for Networks - Remote Code Execution
- POC 申瓯通信 SOC1000-UC PBX设备 /admin/modules/socnetwork/views/socnetwork_debugtools_handle.php 命令执行漏洞
- (CVE-2025-54782) Nest框架@nestjs/devtools-integration包远程代码执行漏洞
- POC CVE-2021-21972: VMware vSphere Client (HTML5) - Remote Code Execution
- POC CVE-2021-21973: VMware vSphere - Server-Side Request Forgery
- POC CVE-2021-21978: VMware View Planner <4.6 SP1- Remote Code Execution
- POC CVE-2021-21985: VMware vSphere Client (HTML5) - Remote Code Execution
- POC CVE-2021-22005: VMware vCenter Server - Arbitrary File Upload
- POC CVE-2022-22954: VMware Workspace ONE Access - Server-Side Template Injection
- POC CVE-2022-22972: VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass
- POC CVE-2022-31656: VMware - Local File Inclusion
- POC CVE-2023-20864: VMware Aria Operations for Logs - Unauthenticated Remote Code Execution
- POC CVE-2023-20887: VMware VRealize Network Insight - Remote Code Execution