CVE-2021-40444CISA KEV: Actively Exploited

Microsoft MSHTML Remote Code Execution Vulnerability

Published Nov 3, 2021·Updated Nov 3, 2021

Description

Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.

Public Exploits & PoCs27 found

PoC: CVE-2021-40444

CVE-2021-40444 PoC

1,413

PoC: CVE-2021-40444

CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit

600

PoC: CVE-2021-40444_builders

This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit

168

PoC: CVE-2021-40444--CABless

Modified code so that we don´t need to rely on CAB archives

99

PoC: CVE-2021-40444-Sample

CVE-2021-40444 Sample

76

PoC: Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit

CVE-2021-40444

63

PoC: CVE-2021-40444

Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444

17

PoC: Caboom

A malicious .cab creation tool for CVE-2021-40444

12

PoC: CVE-2021-40444-CAB

CVE-2021-40444 - Custom CAB templates from MakeCAB

10

PoC: CVE-2021-40444-POC

An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework.

8

PoC: CVE-2021-40444

CVE-2021-40444 POC

6

PoC: Docx-Exploit-2021

This docx exploit uses res files inside Microsoft .docx file to execute malicious files. This exploit is related to CVE-2021-40444

4

PoC: CVE-2021-40444-URL-Extractor

Python script to extract embedded URLs from doc files (.docx, .docm, .rtf)

4

PoC: CVE-2021-40444_EXP_JS

根据已知样本反编译代码

3

PoC: CVE-2021-40444

Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit

1

PoC: word_mshtml

Contains the offensive (exploit and auxiliary) modules for the CVE-2021-40444.

1

PoC: Follina-CVE-and-CVE-2021-40444

This repository contains scripts and resources for exploiting the Follina CVE and CVE-2021-40444 vulnerabilities in Microsoft Office. The scripts generate malicious document files that can execute arbitrary code on the target system.

PoC: CVE-2021-40444-POC

For learning purpose did a complete analysis on CVE-2021-40444 POC (proof of concept)

PoC: TIC4301_Project

TIC4301 Project - CVE-2021-40444

PoC: TIC4301_Project

TIC4301 Project - CVE-2021-40444

PoC: CVE-2021-40444_CAB_archives

CVE 2021 40444 Windows Exploit services.dll

PoC: CVE-2021-40444-CAB

CVE-2021-40444 - Custom CAB templates from MakeCAB

PoC: MSHTMHell

Malicious document builder for CVE-2021-40444

PoC: CVE-2021-40444

partly working PoC, check lockedbytes PoC for full experience!

PoC: CVE-2021-40444

POC for CVE-2021-40444

PoC: cve-2021-40444

Reverse engineering the "A Letter Before Court 4.docx" malicious files exploting cve-2021-40444

PoC: CVE-2021-40444-Sample

CVE-2021-40444 Sample

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free