all InfoSec news
Metasploit Weekly Wrap up
Rapid7 Blog blog.rapid7.com
Unauthenticated RCE in VMware Product
This week, community contributor h00die added an exploit module that leverages a command injection vulnerability in VMWare Aria Operations for Networks, formerly known as vRealize Network Insight. Versions 6.2 to 6.10 are vulnerable (CVE-2023-20887). A remote attacker could abuse the Apache Thrift RPC
abuse apache aria aria operations for networks command command injection community cve cve-2023-20887 exploit injection insight metasploit metasploit weekly wrapup network networks operations product rce rpc vmware vrealize vulnerability vulnerable week weekly