Lucene search

K
githubexploit29AB2E6A-3E44-55A2-801D-2971FABB2E5D
HistorySep 15, 2021 - 10:34 p.m.

Exploit for Path Traversal in Microsoft

2021-09-1522:34:35
221
path traversal
microsoft
exploit
cve-2021-40444
cve-2022-30190
follina
remote code execution
microsoft word
dll
html
cab file
zipslip
rundll32
lockedbyte poc
size constraint
byte-patching

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L

AI Score

7.8

Confidence

High

EPSS

0.971

Percentile

99.8%

Fully Weaponized CVE-2021-40444

Malicious docx generator to e…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L

AI Score

7.8

Confidence

High

EPSS

0.971

Percentile

99.8%