漏洞描述
该整数溢出漏洞存在于 VMXNET3 虚拟网络适配器中。要利用此漏洞,攻击者必须在具有 VMXNET3 虚拟网络适配器的虚拟机上拥有本地管理员权限。成功利用后,攻击者可以在宿主机上实现远程代码执行。
注意:非 VMXNET3 虚拟适配器不受此漏洞影响。
VMware ESXi、Workstation、Fusion VMXNET3 整数溢出漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2018-6961: VMware NSX SD-WAN Edge - Command Injection
- Adobe ColdFusion /hax/..CFIDE/wizards/common/utils.cfc 权限绕过漏洞(CVE-2023-38205)
- (CVE-2025-41252) VMware NSX未认证的用户名枚举漏洞
- (CVE-2025-41246) VMware Tools for Windows授权不当漏洞
- (CVE-2025-41250)VMware vCenter SMTP头部注入漏洞
- CVE-2023-20888: VMware Aria Operations for Networks - Remote Code Execution
- POC CVE-2010-2861: Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI
- POC CVE-2017-3506: Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution
- POC CVE-2018-15961: Adobe ColdFusion - Unrestricted File Upload Remote Code Execution
- POC CVE-2018-2791: Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting
- POC CVE-2018-3238: Oracle Fusion Middleware WebCenter Sites 11.1.1.8.0 - Cross-Site Scripting
- POC CVE-2018-8727: Mirasys DVMS Workstation <=5.12.6 - Local File Inclusion
- POC CVE-2019-2578: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - Broken Access Control