漏洞描述
VMware Aria Operations是美国威睿(VMware)公司的一个统一的、人工智能驱动的自动驾驶 IT 运营管理平台,适用于私有云、混合云和多云环境。VMware Aria Operations Networks 6.x系列版本 saasresttosaasservlet 处存在安全漏洞,攻击者利用该漏洞可以执行命令注入攻击,从而导致远程代码执行。
VMware VRealize Network Insight saasresttosaasservlet 远程命令执行漏洞(CVE-2022-31702)
PoC代码
暂无相关漏洞推荐
- (CVE-2025-4617)Palo Alto Networks Prisma Browser截图控制绕过漏洞
- (CVE-2025-4618)Palo Alto Networks Prisma Browser敏感信息泄露漏洞
- (CVE-2025-41252) VMware NSX未认证的用户名枚举漏洞
- (CVE-2025-41246) VMware Tools for Windows授权不当漏洞
- (CVE-2025-41250)VMware vCenter SMTP头部注入漏洞
- CVE-2023-20888: VMware Aria Operations for Networks - Remote Code Execution
- Network Technologies Inc ENVIROMUX存在默认口令
- POC CVE-2017-15944: Palo Alto Network PAN-OS - Remote Code Execution
- POC CVE-2017-4011: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting
- POC CVE-2018-10141: Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
- POC CVE-2018-19410: PRTG Network Monitor - Local File Inclusion
- POC CVE-2019-1821: Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution
- POC CVE-2020-11547: PRTG Network Monitor <20.1.57.1745 - Information Disclosure