Skip to content

Repository containing nse script for vulnerability CVE-2022-21907. It is a component (IIS) vulnerability on Windows. It allows remote code execution. The vulnerability affects the kernel module http. sys, which handles most basic IIS operations.

Notifications You must be signed in to change notification settings

gpiechnik2/nmap-CVE-2022-21907

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 

Repository files navigation

nmap-CVE-2022-21907

Repository containing nse script for vulnerability CVE-2022-21907. It is a component (IIS) vulnerability on Windows. It allows remote code execution. The vulnerability affects the kernel module http.sys, which handles most basic IIS operations. After uploading the payload, the server should stop working (DoS).

Usage

┌──(kali㉿kali)-[~/nmap-CVE-2022-21907]
└─$ nmap <target> --script=./nmap-CVE-2022-21907.nse
(...)
PORT     STATE SERVICE    REASON  VERSION
8080/tcp open  http-proxy syn-ack
| nmap-CVE-2022-21907: 
|   VULNERABLE:
|   CVE-2022-21907 - DOS
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2022-21907
|     References:
|_      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21907

License

Same as Nmap. See https://nmap.org/book/man-legal.html

About

Repository containing nse script for vulnerability CVE-2022-21907. It is a component (IIS) vulnerability on Windows. It allows remote code execution. The vulnerability affects the kernel module http. sys, which handles most basic IIS operations.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages