Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-31166
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
HTTP Protocol Stack Remote Code Execution Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
HTTP Protocol Stack Remote Code Execution Vulnerability
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft HTTP.sys 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft HTTP.sys是美国微软(Microsoft)公司的一个应用协议。HTTP应用协议。 HTTP.sys存在资源管理错误漏洞。以下产品和版本受到影响:Windows 10 Version 2004 for 32-bit Systems,Windows 10 Version 2004 for ARM64-based Systems,Windows 10 Version 2004 for x64-based Systems,Windows Server, version 2004 (Ser
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
MicrosoftWindows 10 Version 2004 10.0.0 ~ 10.0.19041.982 cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982:*:*:*:*:*:x64:*
MicrosoftWindows Server version 2004 10.0.0 ~ 10.0.19041.982 cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 20H2 10.0.0 ~ 10.0.19042.982 cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:x86:*
MicrosoftWindows Server version 20H2 10.0.0 ~ 10.0.19042.982 cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:*:*:*:*:*:*:*
II. Public POCs for CVE-2021-31166
#POC DescriptionSource LinkShenlong Link
1Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.https://github.com/0vercl0k/CVE-2021-31166POC Details
2PoC for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. Although it was defined as remote command execution, it can only cause the system to crash.https://github.com/zha0gongz1/CVE-2021-31166POC Details
3Different rules to detect if CVE-2021-31166 is being exploitedhttps://github.com/mvlnetdev/CVE-2021-31166-detection-rulesPOC Details
4HTTP Protocol Stack CVE-2021-31166https://github.com/corelight/CVE-2021-31166POC Details
5simple bash script for exploit CVE-2021-31166https://github.com/zecopro/CVE-2021-31166POC Details
6Nonehttps://github.com/bgsilvait/WIn-CVE-2021-31166POC Details
7http.sys remote UAF to Leak Credentialhttps://github.com/Udyz/CVE-2021-31166POC Details
8Exploit for MS Http Protocol Stack RCE vulnerability (CVE-2021-31166)https://github.com/y0g3sh-99/CVE-2021-31166-ExploitPOC Details
9Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166https://github.com/antx-code/CVE-2021-31166POC Details
10Just a simple CVE-2021-31166 exploit toolhttps://github.com/imikoYa/CVE-2021-31166-exploitPOC Details
11CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.https://github.com/mauricelambert/CVE-2021-31166POC Details
12Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166https://github.com/ZZ-SOCMAP/CVE-2021-31166POC Details
13Just a simple CVE-2021-31166 exploit toolhttps://github.com/iranzai/CVE-2021-31166-exploitPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2021-31166
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: Windows 10 Version 2004
Same vendor: Microsoft
V. Comments for CVE-2021-31166

No comments yet

Leave a comment