CVE-2021-31166CISA KEV: Actively Exploited

Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability

Published Apr 6, 2022·Updated Apr 6, 2022

Description

Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.

Public Exploits & PoCs12 found

PoC: CVE-2021-31166

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

814

PoC: CVE-2021-31166

Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166

21

PoC: CVE-2021-31166

HTTP Protocol Stack CVE-2021-31166

15

PoC: CVE-2021-31166

PoC for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. Although it was defined as remote command execution, it can only cause the system to crash.

9

PoC: CVE-2021-31166-Exploit

Exploit for MS Http Protocol Stack RCE vulnerability (CVE-2021-31166)

7

PoC: CVE-2021-31166

simple bash script for exploit CVE-2021-31166

4

PoC: CVE-2021-31166-detection-rules

Different rules to detect if CVE-2021-31166 is being exploited

4

PoC: CVE-2021-31166

CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.

3

PoC: CVE-2021-31166

http.sys remote UAF to Leak Credential

3

PoC: CVE-2021-31166-exploit

Just a simple CVE-2021-31166 exploit tool

1

PoC: CVE-2021

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

PoC: Home-Demolisher

PoC for CVE-2021-31166 and CVE-2022-21907

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free