3xpl01tc0d3r

Hello All, In this blog post, we will explore the Unauthenticated Remote Code Execution vulnerability discovered by the WIZ team in Azure Open Management Infrastructure (OMI) application that was assigned a CVE ID - CVE-2021-38647. The blog post published by the WIZ team contains all the details that are required to exploit the vulnerability if a vulnerable instance is available. While reading the blog post, we thought of reproducing the scenario and create some quick PoC to exploit the vulnerability. We are releasing Proof of Concept (PoC) code in PowerShell & Python. The PoC code is published on the Github repo . About Azure Open Management Infrastructure (OMI) OMI is a UNIX/Linux application installed on the Azure UNIX/Linux VM that allows users to manage the machine & configuration remotely & locally. It is equivalent to Windows WMI that uses the Common Information Model (CIM). It runs with root privileges. The OMI application gets installed automatically when service