## https://sploitus.com/exploit?id=SAINT:DAA3E0F3610AF8207260B0CEE1846D8A
Added: 12/12/2022
### Background
[VMware vCenter Server](<https://www.vmware.com/products/vcenter-server.html>) is server management software for controlling VMware vSphere environments.
### Problem
Improper permissions on the `**java-wrapper-vmon**` file allow authenticated, unprivileged attackers to gain root privileges.
### Resolution
Upgrade to vCenter Server 7.0 U2c or higher.
### References
<https://www.vmware.com/security/advisories/VMSA-2021-0020.html>
### Limitations
The shell connection will only occur after the `**vmware-vmon**` service restarts or the target is rebooted. The exploit remains listening for a connectback in the background.
After a successful exploit, you will need to remove the exploit code from `**/usr/lib/vmware-vmon/java-wrapper-vmon**`.
### Platforms
Linux