antx-code / CVE-2021-31166

Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166

CVE-2021-31166

Description

POC for CVE-2021-31166: Windows HTTP协议栈远程代码执行漏洞
create by antx at 2021-09-27.

Detail

Poc-Gif

CVE Severity

attackComplexity: LOW
attackVector: NETWORK
availabilityImpact: HIGH
confidentialityImpact: HIGH
integrityImpact: HIGH
privilegesRequired: NONE
scope: CHANGED
userInteraction: NONE
version: 3.1
baseScore: 9.8
baseSeverity: CRITICAL

Affect

Windows Server, version 2004 (or 20H1) (Server Core installation),
Windows 10 Version 2004 (or 20H1) for ARM64/x64/32-bit Systems,
Windows Server, version 20H2 (Server Core Installation),
Windows 10 Version 20H2 for ARM64/x64/32-bit Systems.
Windows Remote Management (WinRM)
Web Services on Devices (WSDAPI)
Lack of KB4598481 KB5003173 KB5000736 windows system patch or the system iso is before 2021-05.

POC

Reference

Ref-Source
- 0vercl0k/CVE-2021-31166
Ref-Article
- CVE-2021-31166 Windows HTTP协议栈远程代码执行漏洞复现
Ref-Risk
- HTTP Protocol Stack Remote Code Execution Vulnerability
- NVD<CVE-2021-31166>
CVE
- CVE-2021-31166

About

Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166

MIT License

Languages

Language:Python 54.0%Language:Go 46.0%