A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
PoC: CVE-2018-8174-msf
CVE-2018-8174 - VBScript memory corruption exploit.
PoC: CVE-2018-8174_EXP
CVE-2018-8174_python
PoC: cve-2018-8174_analysis
Analysis of VBS exploit CVE-2018-8174
PoC: ie11_vbscript_exploit
Exploit Generator for CVE-2018-8174 & CVE-2019-0768 (RCE via VBScript Execution in IE11)
PoC: CVE-2018-8174
MS Word MS WordPad via IE VBS Engine RCE
PoC: Rig-Exploit-for-CVE-2018-8174
Rig Exploit for CVE-2018-8174 As with its previous campaigns, Rig’s Seamless campaign uses malvertising. In this case, the malvertisements have a hidden iframe that redirects victims to Rig’s landing page, which includes an exploit for CVE-2018-8174 and shellcode. This enables remote code execution of the shellcode obfuscated in the landing page. After successful exploitation, a second-stage downloader is retrieved, which appears to be a variant of SmokeLoader due to the URL. It would then download th
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free