{"uuid": "0b16b376-8daa-4559-8691-55a7f6b73d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-21986", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3493", "content": "#Threat_Research\n1. The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server (PoC for CVE-2021-21985/CVE-2021-21986)\nhttps://attackerkb.com/topics/X85GKjaVER/cve-2021-21985#rapid7-analysis\n2. Re-Checking Your Pulse: Updates on Chinese APT Actors Compromising Pulse Secure VPN Devices\nhttps://www.fireeye.com/blog/threat-research/2021/05/updates-on-chinese-apt-compromising-pulse-secure-vpn-devices.html", "creation_timestamp": "2021-05-30T13:43:01.000000Z"}