top of page

vCenter Server File Upload Vulnerability (CVE-2021-22005)


The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. This vulnerability impacts vCenter Server versions 6.7 and 7.0. An attacker with network access to port 443 could exploit this vulnerability by uploading a specially crafted file to execute code on vCenter Server.


Although there is no PoC at this time, ongoing scanning activity has been spotted by threat intelligence company Bad Packets and Idappcom has been able to create a traffic file and matching rule using this information.


Idappcom has created signature 8021804 along with a traffic file.


Traffic IQ

If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here


bottom of page