This module exploits an OS Command Injection to deploy an agent in VMWare Aria Operations for Networks (aka vRealize Network Insight). The vulnerability is in the evictPublishedSupportBundles function of ScriptUtils class. The deployed agent will run with root user privileges.

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

This module exploits a java deserialization vulnerability present in InternalClusterController class that is reachable via several endpoints of VMware Aria Operations for Logs. The deployed agent will run with root privileges.

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.

A vulnerability in Oracle WebLogic Server (component: Core) which can be exploited through the T3/IIOP protocol network, which transfers information between WebLogic servers and other Java programs. This vulnerability found in Oracle WebLogic Server can lead to remote code execution.

This module exploits a custom java bean validator to deploy an agent in VMware Workspace ONE Access. The vulnerability is in the validateClaimRuleCondition function of ClaimTransformationHelper class. The deployed agent will run with horizon user privileges.

This module exploits a custom java bean validator to deploy an agent in VMware Workspace ONE Access. The vulnerability is in the validateClaimRuleCondition function of ClaimTransformationHelper class. The deployed agent will run with horizon user privileges.

This module exploits an information disclosure vulnerability (CVE-2022-31711), a remote file download vulnerability (CVE-2022-31704), and a directory traversal vulnerability (CVE-2022-31706) in VMware vRealize Log Insight to deploy an agent with root privileges. The vulnerability is exploited via Apache Thrift RPC protocol. The deployed agent will run with the root account privileges.

A command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device.