{"vulnerability": "CVE-2022-21907", "sightings": [{"uuid": "29f1996d-c439-4fb9-8969-c1575846737e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=715", "content": "", "creation_timestamp": "2022-01-12T04:00:00.000000Z"}, {"uuid": "20cd2d5d-8027-4714-940e-ed633c89a7cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1589", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired. I add exploit, payload and demonstration.\nURL\uff1ahttps://github.com/mauricelambert/CVE-2022-21907", "creation_timestamp": "2022-03-05T10:38:36.000000Z"}, {"uuid": "3d78a7df-dcab-4ad6-aecf-72f6afedcb1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9354", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 DoS exploit for CVE-2022-21907. 
Untested.\n\nhttps://github.com/polakow/CVE-2022-21907", "creation_timestamp": "2022-04-14T18:39:19.000000Z"}, {"uuid": "40834539-8bc6-4600-8240-47268416f850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_1/2022", "content": "", "creation_timestamp": "2022-01-12T11:30:06.000000Z"}, {"uuid": "70acbc14-8433-4248-8b0f-baf9cd3ad9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1608", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-21907: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.\nURL\uff1ahttps://github.com/mauricelambert/CVE-2021-31166", "creation_timestamp": "2022-03-07T19:50:10.000000Z"}, {"uuid": "b49f7e6a-b0c0-48a0-964d-7e16072ce5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1791", "content": "CVE-2022-21907 - Double Free in http.sys driver\n\u041d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0441 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u043c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 \"Accept-Encoding\", \u0447\u0442\u043e \u0432\u044b\u0437\u043e\u0432\u0435\u0442 
\u0434\u0432\u043e\u0439\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c \u0441\u043f\u0438\u0441\u043a\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP (http.sys) \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043a\u0440\u0430\u0445\u0443 \u044f\u0434\u0440\u0430.\nhttps://github.com/p0dalirius/CVE-2022-21907-http.sys\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-06-21T19:01:56.000000Z"}, {"uuid": "19016896-9d53-46a0-a7b9-02ee6dbc9e8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3502", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2021-31166 and CVE-2022-21907\nURL\uff1ahttps://github.com/0xmaximus/Home-Demolisher\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-01T11:20:30.000000Z"}, {"uuid": "9462c596-9e6e-4586-b6c7-ea29b5e80cee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/poxek/1239", "content": "CVE-2022-21907 HTTP Protocol Stack RCE Vulnerability\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": 
"2022-04-06T05:00:48.000000Z"}, {"uuid": "47c2330f-e862-4dc4-a80f-2cf5e3775052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1519", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24112 check\nURL\uff1ahttps://github.com/coconut20/CVE-2022-21907-RCE-POC", "creation_timestamp": "2022-02-21T17:32:25.000000Z"}, {"uuid": "2d7fec5f-9f02-4cae-b39c-776ff0206965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1518", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24112 check\nURL\uff1ahttps://github.com/coconut20/CVE-2022-21907", "creation_timestamp": "2022-02-21T16:34:10.000000Z"}, {"uuid": "fd5fd259-ae8a-48f5-96ad-ffa0c5b077ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1532", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aProof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers\nURL\uff1ahttps://github.com/p0dalirius/CVE-2022-21907-http.sys", "creation_timestamp": "2022-02-25T11:06:48.000000Z"}, {"uuid": "d0068444-d5cb-475b-80dd-8b3a55e1bfb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": 
"published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1932", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA DoS exploit for CVE-2022-21907\nURL\uff1ahttps://github.com/polakow/CVE-2022-21907\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-13T05:52:30.000000Z"}, {"uuid": "7f2ffd65-580f-439f-8d19-2c731793b449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3581", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPOC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.\nURL\uff1ahttps://github.com/Malwareman007/CVE-2022-21907\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-09T13:48:52.000000Z"}, {"uuid": "7f8663d0-4104-4201-850a-6cf2fd6f207a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1344", "content": "CVE-2022-21907\nDoS-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2022-21907. 
\u041e\u043d \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 IPv4/IPv6/HTTP/HTTPS.\nhttps://github.com/polakow/CVE-2022-21907\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-18T08:59:32.000000Z"}, {"uuid": "9371c3fc-cc9c-47f2-84ca-1f8d2450b78a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1898", "content": "CVE-2022-21907 Golang Application by 1vere$k\nCVE-2022-21907 - Double Free in http.sys driver. \u0418\u0442\u043e\u0433\n\u042d\u0442\u043e \u043c\u043d\u043e\u0433\u043e\u043f\u043e\u0442\u043e\u0447\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 Golang, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043a \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c \u0446\u0435\u043b\u044f\u043c \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e. \u041d\u0435 \u043e\u0447\u0435\u043d\u044c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0438\u0432\u043d\u043e \u0441 POST-\u0437\u0430\u043f\u0440\u043e\u0441\u0430\u043c\u0438, \u043d\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0447\u0442\u0438 30% \u0441\u043a\u043e\u0440\u043e\u0441\u0442\u0438 \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u043b\u0438\u043d\u0435\u0439\u043d\u044b\u043c \u043c\u0435\u0442\u043e\u0434\u043e\u043c. 
\u041d\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0441 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u043c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 \"Accept-Encoding\", \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u0434\u0432\u043e\u0439\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u0441\u043f\u0438\u0441\u043a\u0430 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP (http.sys) \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043a\u0440\u0430\u0445\u0443 \u044f\u0434\u0440\u0430.\nhttps://github.com/iveresk/cve-2022-21907\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2025-01-03T19:49:26.000000Z"}, {"uuid": "d486b878-1e00-402c-97bd-9ad396e126ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/9", "content": "https://github.com/michelep/CVE-2022-21907-Vulnerability-PoC", "creation_timestamp": "2022-06-16T09:14:26.000000Z"}, {"uuid": "f9ed95df-e04f-4ccd-bb29-adf202f1dd4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2022-21907", "type": "seen", "source": "https://t.me/poxek/1336", "content": "CVE-2022-21907 Windows DoS Exploit\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-17T05:00:24.000000Z"}, {"uuid": "20e9f2de-9a95-474b-b075-541e09f044fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/poxek/449", "content": "\u0418\u0442\u043e\u0433\u0438 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 patch tuesday \u043e\u0442 microsoft.\n\n\u041f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0438 \u0441\u0443\u043c\u043c\u0430\u0440\u043d\u043e 96, \u0447\u0442\u043e \u043d\u0430 29 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0437\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 (RCE, privesc, spoofing, xss)\u0432 \u0446\u0435\u043b\u043e\u043c \u0437\u043e\u043e\u043f\u0430\u0440\u043a\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, microsoft exchange server, microsoft office, windows kernel, windows defender, RDP, windows certificate, microsoft teams.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0438\u0439 \u0438\u043d\u0442\u0435\u0440\u0435\u0441 \u0432\u044b\u0437\u044b\u0432\u0430\u044e\u0442, \u043e\u0447\u0435\u0432\u0438\u0434\u043d\u043e, 0day, 
\u0430 \u0438\u0445 \u0446\u0435\u043b\u044b\u0445 6:\n\u2022 CVE-2021-22947 - RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 curl, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0443 Man-in-The-Middle;\n\u2022 CVE-2021-36976 \u2014 use-after-free \u0432 libarchive, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a RCE;\n\u2022 CVE-2022-21874 \u2014- RCE \u0432 api windows security center;\n\u2022 CVE-2022-21919 \u2014 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 windows user profile service, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC;\n\u2022 CVE-2022-21839 \u2014 DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 windows event tracing discretionary access control list;\n\u2022 CVE-2022-21836 \u2014 \u0441\u043f\u0443\u0444\u0438\u043d\u0433 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432, PoC \u0442\u0430\u043a \u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u0412 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0434\u0435\u043a\u0430\u0431\u0440\u044c\u0441\u043a\u0438\u0445 0day, \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u0435 \u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043a\u0430\u0436\u0435\u0442\u0441\u044f, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b, \u043d\u0435 \u0431\u044b\u043b\u0438, \u0447\u0442\u043e, \u043d\u0435\u0441\u043e\u043c\u043d\u0435\u043d\u043d\u043e, \u0440\u0430\u0434\u0443\u0435\u0442.\n\n\u0421\u0430\u043c\u044b\u043c \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u043d\u0430\u0437\u0432\u0430\u043b\u0438 \u0447\u0435\u0440\u0432\u0435\u043e\u0431\u0440\u0430\u0437\u043d\u044b\u0439 
\u0431\u0430\u0433 CVE-2022-21907. \u042d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0438 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0433\u0443\u0442 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0432 \u0430\u0442\u0430\u043a\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432.\n@NeKaspersky", "creation_timestamp": "2022-01-12T13:10:46.000000Z"}, {"uuid": "0689fbaf-52d8-4e7f-94ff-96c571f3f062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1243", "content": "CVE-2022-21907 - Double Free in http.sys driver\n\u041d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0441 \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043a\u043e\u043c HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 \"Accept-Encoding\", \u0447\u0442\u043e 
\u0432\u044b\u0437\u043e\u0432\u0435\u0442 \u0434\u0432\u043e\u0439\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u043c \u0441\u043f\u0438\u0441\u043a\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP (http.sys) \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043a\u0440\u0430\u0445\u0443 \u044f\u0434\u0440\u0430.\nhttps://github.com/p0dalirius/CVE-2022-21907-http.sys\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1\ufe0f", "creation_timestamp": "2022-04-06T13:01:37.000000Z"}, {"uuid": "3d1a05a3-5c27-4538-8fcc-5e2fa544595a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1915", "content": "CVE-2022-21907\nA REAL DoS exploit for CVE-2022-21907\n\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 IPv4/IPv6/HTTP/HTTPS\nhttps://github.com/polakow/CVE-2022-21907\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-07-05T15:02:24.000000Z"}, {"uuid": "a489dad1-e39d-4898-a67c-ef4947e78d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1425", "content": "CVE-2022-21907\n\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\nPOC \u0434\u043b\u044f CVE-2022-21907: 
\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP.\n- \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0430 CVE-2021-31166.\n- \u042d\u0442\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c \u0432 CVE-2021-31166, \u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u0417\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442: \n- Windows\n\u2014 10 \u0432\u0435\u0440\u0441\u0438\u044f 1809 \u0434\u043b\u044f 32-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 1809 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 1809 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H1 \u0434\u043b\u044f 32-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H1 
\u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H1 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 20H2 \u0434\u043b\u044f 32-\u0431\u0438\u0442\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 20H2 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 20H2 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H2 \u0434\u043b\u044f 32-\u0431\u0438\u0442\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H2 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H2 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n\u2014 11 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 11 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n- Windows Server\n\u2014 2019\n\u2014 2019 (\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u044f\u0434\u0440\u0430)\n\u2014 2022\n\u2014 2022 (\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u044f\u0434\u0440\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430)\n\u2014 \u0432\u0435\u0440\u0441\u0438\u044f 20H2 (\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u044f\u0434\u0440\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430)\n\nhttps://github.com/michelep/CVE-2022-21907-Vulnerability-PoC\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a 
\u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-28T17:01:45.000000Z"}, {"uuid": "d074bfde-1828-4459-9235-bce95a4a1d80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1189", "content": "CVE-2022-21907\nCVE-2022-21907: \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435, \u0437\u0430\u0449\u0438\u0442\u0430, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0438 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u044f. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f: Powershell, Python, Ruby, NMAP \u0438 Metasploit. \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438 \u0437\u0430\u0449\u0438\u0442\u0430: Powershell. \n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\n1. \u042d\u0442\u043e\u0442 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u043a CVE-2022-21907 (CVSS:3.1 9.8) \u0438 \u043f\u0440\u0438 \u0436\u0435\u043b\u0430\u043d\u0438\u0438 \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u042f \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e 2 \u043a\u043e\u0434\u0430 powershell \u0432 1 \u0441\u0442\u0440\u043e\u043a\u0435.\n2. 
\u042f \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u044e \u0447\u0438\u0441\u0442\u044b\u0435 \u0441\u043a\u0440\u0438\u043f\u0442\u044b python, powershell, ruby \u0438 \u043c\u043e\u0434\u0443\u043b\u0438 metasploit, nmap \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440 IIS (\u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c DOS-\u0430\u0442\u0430\u043a\u0443, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u0432\u0435\u0441\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f (\u0441\u0438\u043d\u0438\u0439 \u044d\u043a\u0440\u0430\u043d)).\nhttps://github.com/mauricelambert/CVE-2022-21907\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-02T09:31:20.000000Z"}, {"uuid": "2e13700e-308d-4d0f-ae34-12e7fcd27315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "Telegram/VlFz0V3lBiukcU4uUVZYhAeh4PSUMxEFE2g8soO0ouueQ_o", "content": "", "creation_timestamp": "2022-04-21T08:39:30.000000Z"}, {"uuid": "46d87e3e-c5f1-4e49-8645-3f15bf64a946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/technical_private_cat/288", "content": "\u0415\u0449\u0435 \u0440\u0430\u0437 \u0434\u043e\u0431\u0440\u044b\u0439 \u0434\u0435\u043d\u044c \u043c\u043e\u0438 \u0447\u0435\u0448\u0438\u0440\u0441\u043a\u0438\u0435 \u043a\u043e\u0442\u0438\u043a\u0438   \ud83d\udc08\ud83c\udfa9\n\n\u0412\u043e\u0442 \u0432\u0430\u043c \u043f\u043e\u0441\u0442-\u0441\u0431\u043e\u0440\u043d\u0438\u043a \u043f\u0440\u043e 
windows . \ud83c\udfaf\n\u0422\u043e\u0447\u043d\u0435\u0435 \u043f\u0440\u043e \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0435\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ,\u0438  \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0438 \u0441\u0442\u0430\u0442\u044c\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044d\u043d\u043d\u043e\u0439 .\n\u041f\u043e\u0441\u0442 \u0441\u0434\u0435\u043b\u0430\u043d \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u043e\u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0446\u0435\u043b\u044f\u0445 \u0438 \u0434\u043b\u044f \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0432\u0430\u0448\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 . 
\n\n\u041d\u0430\u0434\u0435\u044e\u0441\u044c \u0432\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u043f\u043e\u043b\u0435\u0437\u043d\u043e:\nWindows-RCE-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b\nWindows-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b \u043d\u0430 \u043c\u043d\u043e\u0433\u0438\u0435 cve \u043e\u0442 2012 \u0434\u043e 2017\n\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b \u043d\u0430 CVE-2022-21907 \u0435\u0449\u0435 \u0442\u044b\u043a \n\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b \u043d\u0430 CVE-2022-21999\n\u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u044b \u043d\u0430 CVE-2022-29072\n\u0421\u0431\u043e\u0440\u043d\u0438\u043a \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 \u043d\u0430 cve 2022 \u0433\u043e\u0434\u0430\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 Microsoft Security Response Center (MSRC)\nPrivatezilla -\u0438\u043d\u0442\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\n\n\nGood afternoon again my Cheshire cats \ud83d\udc08\ud83c\udfa9\n\nHere's a post-collection for you about windows . \ud83c\udfaf\nMore precisely about the different exploits for its various vulnerabilities , and tools and articles on security enna .\nThis post is only for introductory purposes and to improve your security. 
\n\nI hope you will find it useful:\nWindows-RCE-exploits\nWindows exploits for many cve from 2012 to 2017 \nExploits for CVE-2022-21907 more link \nExploits for CVE-2022-21999\nExploits for CVE-2022-29072 \nA collection of various exploits for cve 2022\nSecurity research from Microsoft Security Response Center (MSRC)\nPrivatezilla security tool\n#windows #attacks #cve #exploit #polymorphic #pentest", "creation_timestamp": "2022-10-30T15:50:43.000000Z"}, {"uuid": "2c8d9272-8111-457a-aa1a-9aa8bde1d08b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/alexmakus/4499", "content": "by the way, Microsoft had its Patch Tuesday yesterday! \n\nhere is a detailed breakdown of what the updates contain, 126 CVEs fixed: \nhttps://isc.sans.edu/forums/diary/Microsoft+Patch+Tuesday+January+2022/28230/\n\n6 of the vulnerabilities were already publicly known, and one of the vulnerabilities is wormable, according to Microsoft (it can spread by itself from one vulnerable 
computer to another). 9 vulnerabilities are marked as critical, and one of the most problematic is CVE-2022-21907 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21907)\n\nAddendum. Three are RCEs in Exchange, and information about one of them came from the NSA. Overall, it is clear that you need to update.", "creation_timestamp": "2022-01-12T17:08:57.000000Z"}, {"uuid": "973394d6-32d1-4604-b451-548176c12021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/arpsyndicate/1962", "content": "#ExploitObserverAlert\n\nCVE-2022-21907\n\nDESCRIPTION: Exploit Observer has 66 entries related to CVE-2022-21907. 
HTTP Protocol Stack Remote Code Execution Vulnerability.\n\nFIRST-EPSS: 0.891490000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T10:18:00.000000Z"}, {"uuid": "a31ae198-d199-46d0-87b2-62a3417d4ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/291", "content": "|CVE-2022-21907|\nHTTP Protocol Stack RCE Vulnerability\nCVSS score:3.1 9.8 \n\n\ud83d\udee1For educational purposes only!\nThis is a vulnerability that can infect other vulnerable devices by itself; this type is also called wormable, and it is tied to the HTTP protocol stack (http.sys). 
An unauthenticated attacker can send a packet crafted for the attack to the targeted server. I also want to note that the attack can be carried out at the protocol level across one or more network hops. Just as importantly, a vulnerable system can be exploited without any intervention or interaction by the victim. 
The list of affected windows versions is long; you can see it in the screenshot I attached above.\n\nHere are a few repositories with a PoC for this vulnerability:\n\ud83d\udcceclick1\n\ud83d\udcceclick2\nI also came across a DoS exploit based on this vulnerability. It is very simple to use: \n./cve-2022-21907.py -t 184.50.9.56 -p 80 -v 4    - I think you got the joke about the ip\n\n\ud83d\udee1For educational purposes only!\nThis is a vulnerability that can infect other vulnerable devices on its own, in another way, this type is also called wormable and is associated with the HTTP protocol stack(http.sys ). An attacker who has not been authenticated can send a packet created for the attack to the attacked server. Also, I want to note that the attack can be carried out at the protocol level through one or more network transitions. 
What is not a little important, a vulnerable system can be exploited without the intervention and interaction of the victim himself. The list of affected versions of windows is large, you can look at the screenshot attached above.\n\nHere are a few repositories with the PoC of this vulnerability:\n\ud83d\udcce click1\n\ud83d\udcce click2\nI came across another DoS exploit  based on this vulnerability. It is very simple to use:\n./cve-2022-21907.py -t 184.50.9.56 -p 80 -v 4 - I think that the joke with the ip is understood\n\n#shizo #rce #cve #poc", "creation_timestamp": "2022-04-14T03:18:24.000000Z"}, {"uuid": "dd9746b3-1d57-4d03-85c0-a7964121901c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/arpsyndicate/181", "content": "#ExploitObserverAlert\n\nCVE-2022-21907\n\nDESCRIPTION: Exploit Observer has 64 entries related to CVE-2022-21907. HTTP Protocol Stack Remote Code Execution Vulnerability.\n\nFIRST-EPSS: 0.891490000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-17T02:38:45.000000Z"}, {"uuid": "00441a77-2fe2-490e-b052-5a364dce5147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/arpsyndicate/1676", "content": "#ExploitObserverAlert\n\nCVE-2022-21907\n\nDESCRIPTION: Exploit Observer has 66 entries related to CVE-2022-21907. 
HTTP Protocol Stack Remote Code Execution Vulnerability.\n\nFIRST-EPSS: 0.891490000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T18:45:58.000000Z"}, {"uuid": "2b9e02dd-d3b7-4e0a-ad0e-79ac2350dec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/breachdetector/362923", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-21907 HTTP DOS Security Vulnerability What Is ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"20 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-20T10:20:32.000000Z"}, {"uuid": "958fc2a1-25db-4a32-a632-99d0c389ed14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/ARC15INFO/351", "content": "CVE-2022-21907 HTTP Protocol Stack RCE Vulnerability\n\n#RCE #Vulnerability #Metasploit #Nmap #Powershell\n#CVE-2022-21907 #CVE-2022-2190 #Exploit #Dos #Ddos\n#Hacking #Microsoft #Bugbounty #RemoteCodeExecution\n\nhttps://reconshell.com/cve-2022-21907-http-protocol-stack-rce-vulnerability/", "creation_timestamp": "2024-08-29T06:29:08.000000Z"}, {"uuid": "815109c5-0109-4dc2-ae51-57e85e5cb638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/hack_room_channel/125", "content": "https://github.com/antx-code/CVE-2022-21907\n\n\nPOC for CVE-2022-21907: Windows HTTP Protocol Stack Remote Code Execution Vulnerability", "creation_timestamp": "2022-01-19T12:55:09.000000Z"}, {"uuid": "6f1a24b5-fedb-408a-ac46-7f505149d484", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/hack_room_channel/334", "content": "https://github.com/p0dalirius/CVE-2022-21907-http.sys", "creation_timestamp": "2022-02-18T08:34:15.000000Z"}, {"uuid": "7ead2a1a-7445-41e9-a6af-6b6a22df1e7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/breachdetector/362694", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-21907 HTTP DOS G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"20 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-20T00:33:53.000000Z"}, {"uuid": "5179e8b6-bb71-4b17-9e4e-7f4ccab8ac44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/497568", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-21907 Http Dos Python\", \n  \"author\": \" (\u00c7okgen)\",\n  \"Detection Date\": \"16 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-16T14:03:43.000000Z"}, {"uuid": "3f7013dc-0eb5-433e-b574-18b1728e6f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "Telegram/agPBm5znjFfdqHAluh3etrSkXLZLJ-PeqzFbDrvG_gNpSMI9", "content": "", "creation_timestamp": "2022-06-01T12:34:41.000000Z"}, {"uuid": 
"fe8afaec-b8dc-4fed-9dac-cf5bbc7b58ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/632", "content": "windows HTTP RCE CVE-2022-21907\nhttps://github.com/antx-code/CVE-2022-21907\n\nAn exploit / PoC for CVE-2021-42237\nhttps://github.com/PinkDev1/CVE-2021-42237\n\nApache Dubbo Hessian2 CVE-2021-43297 demo\nhttps://github.com/longofo/Apache-Dubbo-Hessian2-CVE-2021-43297", "creation_timestamp": "2022-01-19T15:20:36.000000Z"}, {"uuid": "40d8f47f-6147-4913-bef1-2413b1a9fd22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/630", "content": "#poc CVE-2022-21907 HTTP Protocol Stack RCE. Windows 10 Exploits\nhttps://github.com/nu11secur1ty/Windows10Exploits/blob/master/2022/CVE-2022-21907/PoC/PoC-CVE-2022-21907.py", "creation_timestamp": "2022-01-15T22:41:24.000000Z"}, {"uuid": "7d4289a3-fe80-4a80-a3ea-1111e9b7b81f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/hacker_trick/621", "content": "CVE-2022-21907 Wormable Windows HTTP hole. 
what you need to know\nhttps://nakedsecurity.sophos.com/2022/01/12/wormable-windows-http-hole-what-you-need-to-know\n\nESET researchers look at malware that abuses vulnerabilities in kernel drivers and outline mitigation techniques against this type of exploitation\nhttps://www.welivesecurity.com/2022/01/11/signed-kernel-drivers-unguarded-gateway-windows-core\n\nNew SysJoker Backdoor Targets Windows, Linux, macOS\nhttps://www.intezer.com/blog/malware-analysis/new-backdoor-sysjoker\n\nSysJoker analyzing the first (macOS) malware of 2022\nhttps://objective-see.com/blog/blog_0x6C.html", "creation_timestamp": "2022-01-12T19:30:14.000000Z"}, {"uuid": "0fdf8311-d134-4f97-9b87-ae725b3ad09d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "Telegram/Z-gC7tt3bW6DK3IXdR8i896Pj8qpZo-pP72jFLteSWSzz-FC", "content": "", "creation_timestamp": "2022-04-17T19:17:18.000000Z"}, {"uuid": "2f30c84d-1564-4d5e-b11f-8e213f6456d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1249", "content": "CVE-2022-21907 Windows DoS Exploit\n\n#vulnerability #DoS #CVE-2022-21907 #Hacking\n#Windows #CVE #Exploit #BugBounty #DDoS #VAPT\n\nhttps://reconshell.com/cve-2022-21907-windows-dos-exploit/", "creation_timestamp": "2022-04-16T06:57:51.000000Z"}, {"uuid": "2fdc5391-c819-49f1-ad76-27380e1a11fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "Telegram/-6ODXgzzWCxBZpYl68OshWRdD8e5O8jb0SVarNqOSvRoOA0", "content": "", "creation_timestamp": "2022-04-09T07:39:13.000000Z"}, {"uuid": 
"fc26e0ae-4e27-42e4-86f2-f19cd377d9e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/MoroccanGh0sts/219", "content": "CVE-2022-21907 HTTP Protocol Stack RCE Vulnerability\n\nhttps://reconshell.com/cve-2022-21907-http-protocol-stack-rce-vulnerability/\n\n[\u2714 ] Black Security Team \n\n#RCE #Vulnerability #Metasploit #Nmap #Powershell\n#CVE_2022_21907 #CVE_2022_2190 #Exploit #Dos #Ddos\n#Hacking #Microsoft #Bugbounty #RemoteCodeExecution", "creation_timestamp": "2022-04-07T23:32:26.000000Z"}, {"uuid": "8cad554e-ae5c-48c1-940c-71558e1933da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/11980", "content": "CVE-2022-21907\nA REAL DoS exploit for CVE-2022-21907 https://github.com/polakow/CVE-2022-21907", "creation_timestamp": "2022-04-13T14:10:27.000000Z"}, {"uuid": "2a2da03e-5446-42dd-b37a-e62afae5217d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "Telegram/8zCbUwmFGHKy9CPTQbzuhRf1kw_QnA2S1R4SKJ4pmGcCyqA", "content": "", "creation_timestamp": "2022-04-13T17:28:52.000000Z"}, {"uuid": "28b252d1-d3af-46ba-8414-f02dfe545ad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/true_secator/2513", "content": "\u200b\u200bA hefty January Patch Tuesday from 
Microsoft has arrived: 97 documented bugs fixed (not counting 29 Microsoft Edge vulnerabilities), 9 of which are rated 'critical', 88 'important', and 6 are 0-days.\n \nAmong the latter:\n-      CVE-2021-22947: a remote code execution vulnerability in the open-source Curl.\n-      CVE-2021-36976: a remote code execution vulnerability in Libarchive.\n-      CVE-2022-21919: an elevation of privilege vulnerability in the Windows User Profile Service.\n-      CVE-2022-21836: a Windows certificate spoofing vulnerability.\n-      CVE-2022-21839: a denial of service vulnerability in the Windows Event Tracing discretionary access control list.\n-      CVE-2022-21874: a remote code execution vulnerability in the Windows Security Center API.\n \nOverall, the Microsoft patch release covers vulnerabilities in Microsoft Windows, Microsoft Edge, Exchange Server, Microsoft Office, SharePoint Server, NET Framework, Microsoft Dynamics, open-source software, Windows Hyper-V, Windows Defender and RDP.\n \nAmong the critical ones, a bug in the 
HTTP protocol stack (http.sys) and a code execution bug in Exchange Server stand out.\n \nThe most serious of all, CVE-2022-21907, is a wormable vulnerability that allows an unauthenticated attacker to send specially crafted packets to a target server, using the HTTP protocol stack to process packets.\n \nThe vendor also gave a serious rating to a new Microsoft Exchange bug, CVE-2022-21846, which was reported by the US NSA. 
Microsoft confirmed that the Exchange Server issue could lead to targeted remote code execution attacks.\n \nA code execution CVE in Microsoft Office was patched, also one of the most serious in this Patch Tuesday. CVE-2022-21840 allows a remote attacker to use this vulnerability to execute arbitrary code on vulnerable systems.\n \nAn attacker can exploit the vulnerability by sending 
a specially crafted file to a user and tricking them into opening it. The flaw was rated critical because no warning dialogs appear when the crafted file is opened.\n \nIn addition, a privilege escalation issue in Active Directory Domain Services was fixed, along with an open-source Curl bug that was first fixed and documented back in September 
of last year.\n \nDespite the size of this Patch Tuesday, Microsoft has not yet released fixes for Office 2019 for Mac and Microsoft Office LTSC for Mac 2021, but promises to do so soon.\n \nAs usual, the company states that it has no information that any of the fixed vulnerabilities has been exploited in the wild. 
The full list of fixes is here.", "creation_timestamp": "2022-01-12T17:30:00.000000Z"}, {"uuid": "4244f757-53fb-4756-8389-dd32acfe5441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/NeKaspersky/1670", "content": "Results of microsoft's first patch tuesday of the year.\n\nIn total they fixed 96 vulnerabilities, 29 more than last month, of varying severity (RCE, privesc, spoofing, xss) across a whole zoo of products, for example microsoft exchange server, microsoft office, windows kernel, windows defender, RDP, windows certificate, microsoft teams.\n\nOf what was fixed, the 0days obviously draw the most interest, and there are 6 of them:\n\u2022 CVE-2021-22947 - 
an RCE vulnerability in curl that allows a Man-in-The-Middle attack;\n\u2022 CVE-2021-36976 - use-after-free in libarchive leading to RCE;\n\u2022 CVE-2022-21874 - RCE in the windows security center api;\n\u2022 CVE-2022-21919 - local privilege escalation via the windows user profile service, a PoC is available;\n\u2022 CVE-2022-21839 - a DoS vulnerability in the windows event tracing discretionary access control list;\n\u2022 CVE-2022-21836 - certificate spoofing, a PoC also exists.\n\nUnlike December's 0days, the current ones do not seem to have been seen exploited, which is certainly good news.\n\nThe wormable bug CVE-2022-21907 was named the most dangerous. 
The exploit can spread on its own and compromise devices without user interaction. The vulnerability can be used in an attack by sending specially crafted packets.\n@NeKaspersky", "creation_timestamp": "2022-01-12T14:49:26.000000Z"}, {"uuid": "a7facae7-abfd-4e43-924d-ceb7ca2ee29a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1236", "content": "CVE-2022-21907 HTTP Protocol Stack RCE Vulnerability\n\n#RCE #Vulnerability #Metasploit #Nmap #Powershell\n#CVE-2022-21907 #CVE-2022-2190 #Exploit #Dos #Ddos\n#Hacking #Microsoft #Bugbounty #RemoteCodeExecution\n\nhttps://reconshell.com/cve-2022-21907-http-protocol-stack-rce-vulnerability/", "creation_timestamp": "2022-04-05T07:21:47.000000Z"}, {"uuid": "726a079b-951e-4ac9-998b-f272343ab265", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": 
"published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2516", "content": "#CVE-2022\nPoC for CVE-2021-31166 and CVE-2022-21907\n\nhttps://github.com/0xmaximus/Home-Demolisher\n\n@BlueRedTeam", "creation_timestamp": "2022-12-10T17:07:01.000000Z"}, {"uuid": "63ca9f25-9dfb-4f62-83b1-58c9d21291f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/cibsecurity/35291", "content": "\u203c CVE-2022-21907 \u203c\n\nHTTP Protocol Stack Remote Code Execution Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-12T00:17:47.000000Z"}, {"uuid": "537b75ab-09ba-4e19-8d3e-eeeb95ba4e45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3320", "content": "https://www.coresecurity.com/core-labs/articles/proof-concept-cve-2022-21907-http-protocol-stack-remote-code-execution", "creation_timestamp": "2022-04-16T12:13:57.000000Z"}, {"uuid": "514043b2-40b8-4178-b863-16027d166908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/thehackernews/1783", "content": "First Microsoft Patch Tuesday update of 2022 fixes 96 new vulnerabilities, including a critical \"wormable\" Windows RCE vulnerability (CVE-2022-21907) in the HTTP Protocol Stack.\n\nRead details: https://thehackernews.com/2022/01/first-patch-tuesday-of-2022-brings-fix.html", "creation_timestamp": "2022-10-29T16:54:17.000000Z"}, {"uuid": "07601b20-1c94-46aa-b03f-95ab60995db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2552", "content": "#CVE-2022\nCVE-2022-36537\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\nPOC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability.\n\nhttps://github.com/Malwareman007/CVE-2022-21907\n\nPOC of CVE-2022-36537\nhttps://github.com/Malwareman007/CVE-2022-36537\n\nDirty Pipe - CVE-2022-0847\nhttps://github.com/tmoneypenny/CVE-2022-0847\n\nProof of concept of CVE-2022-24086\n\nhttps://github.com/pescepilota/CVE-2022-24086\n\n@BlueRedTeam", "creation_timestamp": "2023-01-07T04:51:48.000000Z"}, {"uuid": "afaedcb2-1dfd-469d-89a7-37350c386b48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1631", "content": "#Blue_Team\n\n1. This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired\nhttps://github.com/mauricelambert/CVE-2022-21907\n2. Hardening HashiCorp Vault\nhttps://github.com/hashicorp/vault-selinux-policies\n\n@BlueRedTeam", "creation_timestamp": "2022-01-18T15:24:01.000000Z"}, {"uuid": "8e3bd1c1-0638-40fb-a1cb-d4de2f8ab38f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/BlueRedTeam/1621", "content": "#Blue_Team\n\n1. Abusing MS Office Using Malicious Web Archive Files\nhttps://www.netskope.com/blog/abusing-microsoft-office-using-malicious-web-archive-files\n2. 
A Quick CVE-2022-21907 FAQ\nhttps://isc.sans.edu/forums/diary/A+Quick+CVE202221907+FAQ+work+in+progress/28234\n\n@BlueRedTeam", "creation_timestamp": "2022-01-14T08:02:10.000000Z"}, {"uuid": "badc009e-2365-4d19-ac3d-9689e475054e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5199", "content": "#Blue_Team_Techniques\n1. Abusing MS Office Using Malicious Web Archive Files\nhttps://www.netskope.com/blog/abusing-microsoft-office-using-malicious-web-archive-files\n2. A Quick CVE-2022-21907 FAQ\nhttps://isc.sans.edu/forums/diary/A+Quick+CVE202221907+FAQ+work+in+progress/28234", "creation_timestamp": "2022-01-14T11:05:11.000000Z"}, {"uuid": "6823dd22-4c4c-4cec-b7e2-bf8760d8b73f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5225", "content": "#exploit\nCVE-2022-21907:\nWindows 10/11/2019/2022 HTTP Protocol Stack RCE Vulnerability (PoC)\nhttps://github.com/antx-code/CVE-2022-21907", "creation_timestamp": "2022-01-19T05:39:00.000000Z"}, {"uuid": "4f501ce9-4752-4c10-a756-ccb9f6efaa91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "Telegram/oWSPkDsJ-y34oQzF9TvATbb9e2xxUgDctwgG7HX7J-_WCowF", "content": "", "creation_timestamp": "2022-01-12T04:32:14.000000Z"}, {"uuid": "4d87df43-7df0-4d55-b10d-868ddbe681d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5210", "content": 
"#Blue_Team_Techniques\n1. This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired\nhttps://github.com/mauricelambert/CVE-2022-21907\n2. Hardening HashiCorp Vault\nhttps://github.com/hashicorp/vault-selinux-policies", "creation_timestamp": "2022-01-16T13:34:43.000000Z"}, {"uuid": "03b9bdb3-14c5-4211-8257-c37e68d305fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21907", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5324", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Jan 1-31)\n\nCVE-2021-44228 - Apache Log4j2\nCVE-2021-40444 - Microsoft MSHTML RCE\nCVE-2021-4034 - LPE vuln was found on polkit's pkexec utility\nCVE-2022-0185 - Linux Kernel Container Escape in Kubernetes\nCVE-2022-21907 - HTTP Protocol Stack RCE\nCVE-2022-21882 - Win32k Window Object Type Confusion\nCVE-2021-20038 - SonicWall SMA-100 Unauth RCE\nCVE-2021-45467 - CWP CentOS Web Panel preauth RCE\nCVE-2021-42392 - Unauth RCE in H2 Database Console\nCVE-2022-21658 - Vulnerability in Rust", "creation_timestamp": "2024-10-15T10:29:54.000000Z"}]}