Share
## https://sploitus.com/exploit?id=321A07F5-08A6-5CD6-8C0E-1C2F04B37061
# nmap-CVE-2022-21907
Repository containing nse script for vulnerability CVE-2022-21907. It is a component (IIS) vulnerability on Windows. It allows remote code execution. The vulnerability affects the kernel module http.sys, which handles most basic IIS operations. After uploading the payload, the server should stop working (DoS).

## Usage
```
┌──(kali㉿kali)-[~/nmap-CVE-2022-21907]
└─$ nmap <target> --script=./nmap-CVE-2022-21907.nse
(...)
PORT     STATE SERVICE    REASON  VERSION
8080/tcp open  http-proxy syn-ack
| nmap-CVE-2022-21907: 
|   VULNERABLE:
|   CVE-2022-21907 - DOS
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2022-21907
|     References:
|_      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21907
```

## License
Same as Nmap. See https://nmap.org/book/man-legal.html