漏洞描述
VMware Workspace ONE Access(以前称为VMware IdentityManager)旨在通过多因素身份验证、条件访问和单点登录,让您的员工更快地访问SaaS、Web和本机移动应用程序。该程序未经身份验证的攻击者可以利用此漏洞进行远程任意代码执行。ip靶机没有回显,去解析一个自己的域名上去就可以利用.
VMware Workspace ONE Access命令执行(CVE-2022-22954)
PoC代码
暂无相关漏洞推荐
-
CVE-2022-22954: VMware Workspace ONE Access SSTI POC
2025-09-01 | VMware Workspace ONE AccessVMware Workspace ONE Access(以前称为VMware Identity Manager)旨在通过多因素身份验证、条件访问和单点登录,让您的员工更快地访问SaaS、Web和本机移... -
CVE-2021-22054: VMWare Workspace ONE UEM - Server-Side Request Forgery POC
2025-08-01 | VMWare Workspace ONE UEMVMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prio... -
CVE-2022-22954: VMware Workspace ONE Access - Server-Side Template Injection POC
2025-08-01 | VMware Workspace ONE AccessVMware Workspace ONE Access is susceptible to a remote code execution vulnerability due to a server-... -
Webmin /package-updates/update.cgi 命令执行漏洞(CVE-2022-36446) 无POC
2025-09-05 | WebminWebmin是Webmin社区的一套基于Web的用于类Unix操作系统中的系统管理工具。 Webmin 1.997之前的版本存在安全漏洞,该漏洞源于其software/apt-lib.pl组件缺少对U... -
CVE-2022-0342: Zyxel authentication bypass patch analysis POC
2025-09-01 | ZyxelAn authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versio...