CVE-2021-21972
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- January 04, 2021
- Published Date
- February 24, 2021
- Last Updated
- July 30, 2025
- Vendor
- n/a
- Product
- VMware vCenter Server, VMware Cloud Foundation
- Description
- The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
- Tags
- Exploitation
- active
- Automatable
- Yes
- Technical Impact
- total
CVSS Scores
CVSS v3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
SSVC Information
References
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2021-11-03 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/vmware_vcenter_uploadova_rce.rb | 2025-04-29 11:01:24 UTC |
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-21972.yaml | 2025-04-26 00:00:00 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
vmware_vcenter_uploadova_rce
Type: metasploit • Created: Unknown
orangmuda/CVE-2021-21972
Type: github • Created: 2021-10-03 23:03:11 UTC • Stars: 10
murataydemir/CVE-2021-21972
Type: github • Created: 2021-04-06 10:38:40 UTC • Stars: 6
TaroballzChen/CVE-2021-21972
Type: github • Created: 2021-03-07 16:30:36 UTC • Stars: 19
ByZain/CVE-2021-21972
Type: github • Created: 2021-03-04 07:14:10 UTC • Stars: 3
GuayoyoCyber/CVE-2021-21972
Type: github • Created: 2021-02-26 21:30:50 UTC • Stars: 28
renini/CVE-2021-21972
Type: github • Created: 2021-02-25 13:04:37 UTC • Stars: 2
B1anda0/CVE-2021-21972
Type: github • Created: 2021-02-25 10:16:20 UTC • Stars: 10
conjojo/VMware_vCenter_UNAuthorized_RCE_CVE-2021-21972
Type: github • Created: 2021-02-25 07:17:21 UTC • Stars: 27
milo2012/CVE-2021-21972
Type: github • Created: 2021-02-25 05:16:38 UTC • Stars: 32
alt3kx/CVE-2021-21972
Type: github • Created: 2021-02-25 05:10:06 UTC • Stars: 54
horizon3ai/CVE-2021-21972
Type: github • Created: 2021-02-24 16:31:34 UTC • Stars: 260
yaunsky/CVE-2021-21972
Type: github • Created: 2021-02-24 13:19:41 UTC • Stars: 7
NS-Sp4ce/CVE-2021-21972
Type: github • Created: 2021-02-24 11:14:58 UTC • Stars: 491
QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC
Type: github • Created: 2021-02-24 09:56:21 UTC • Stars: 136
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Proof of Concept Exploit Available
-
Exploit Used in Malware
-
Added to KEVIntel
-
Detected by Nuclei
-
Detected by Metasploit