Exploit for Code Injection in Vmware Identity Manager CVE-2022-22954

Name: Exploit for Code Injection in Vmware Identity Manager CVE-2022-22954
Rating: 5 (325 reviews)

2022-04-12 | CVSS 10.0

## https://sploitus.com/exploit?id=B8601FE7-3E95-5AD7-8C4E-05FAB57FBB6D
# CVE-2022-22954 PoC - VMware Workspace ONE Access Freemarker Server-Side Template Injection



A vulnerability, which was classified as very critical, was found in Vmware Workspace ONE Access and Identity Manager. Affected component is Template Handler.
Reference: https://vuldb.com/?id.196644

## Usage:
```
python3 CVE-2022-22954.py example.com "cat /etc/passwd"
```

## Example:
![image](https://user-images.githubusercontent.com/8413651/163058430-0e17dc68-dfe3-4700-8ef6-956f11449c97.png)

## Disclaimer
This python script is for Educational purpose ONLY. Do not use it without permission. The usual disclaimer applies, especially the fact that I'm is not liable for any damages caused by direct or indirect use of the information or functionality provided by these scripts.