/CVE-2021-31166

Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166

Primary LanguagePythonMIT LicenseMIT

CVE-2021-31166


Description

  • POC for CVE-2021-31166: Windows HTTP协议栈远程代码执行漏洞
  • create by antx at 2021-09-27.

Detail

Affect

  • Windows Server, version 2004 (or 20H1) (Server Core installation),
  • Windows 10 Version 2004 (or 20H1) for ARM64/x64/32-bit Systems,
  • Windows Server, version 20H2 (Server Core Installation),
  • Windows 10 Version 20H2 for ARM64/x64/32-bit Systems.
  • Windows Remote Management (WinRM)
  • Web Services on Devices (WSDAPI)
  • Lack of KB4598481 KB5003173 KB5000736 windows system patch or the system iso is before 2021-05.

Reference