VMware vCenter RCE via plugin upload — unauthenticated remote code execution as root. Patch immediately. If internet-facing, assume compromise. This enabled full hypervisor infrastructure takeover in numerous APT campaigns targeting virtual infrastructure.
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →