VMWare Aria Operations for Networks evictPublishedSupportBundles Remote OS Command Injection Webapp Exploit

This module exploits an OS Command Injection to deploy an agent in VMWare Aria Operations for Networks (aka vRealize Network Insight). The vulnerability is in the evictPublishedSupportBundles function of ScriptUtils class. The deployed agent will run with root user privileges.
CVE Link
CVE-2023-20887
Exploit Platform
Linux
Exploit Type
Exploits
OS Command Injection
Known Vulnerabilities
Product Name
Impact