CVE-2021-21972 Exploit
CVE-2021-21972
vCenter 6.7U2+ running website in memory,so this exp can't work for 6.7 u2+.
/ui/vropspluginui/rest/services/uploadova
,完整路径(https://domain.com/ui/vropspluginui/rest/services/uploadova
)payload
文件夹内的tar
文件为默认冰蝎3 webshell