CVE-2021-21974: Demonstrating Remote Code Execution on VMware ESXi Server

This video demonstrates CVE-2021-21974 – a remote code execution bug in VMware ESXi servers. A vulnerability in the Service Location Protocol (SLP) service allows an attacker to gain root on a system. It can also be leveraged for a guest-to-host escape.

For full details on the bug used in this video, read the blog at:
https://www.zerodayinitiative.com/blog/2021/3/1/cve-2020-3992-amp-cve-2021-21974-pre-auth-remote-code-execution-in-vmware-esxi