支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2021-40444 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Microsoft MSHTML Remote Code Execution Vulnerability
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p> <p>An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.</p> <p>Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.</p> <p>Please see the <strong>Mitigations</strong> and <strong>Workaround</strong> sections for important information about steps you can take to protect your system from this vulnerability.</p> <p><strong>UPDATE</strong> September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.</p>
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Microsoft MSHTML.DLL 路径遍历漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Microsoft MSHTML.DLL是美国微软(Microsoft)公司的一个用于解析HTML语言的动态链接库,IE、Outlook、Outlook Express等应用程序都使用了该动态链接库。 Microsoft MSHTML.DLL 存在路径遍历漏洞,远程攻击者可以创建带有恶意ActiveX控件的特制Office文档,诱使受害者打开文档并在系统上执行任意代码。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
MicrosoftWindows 10 Version 1809 10.0.0 ~ 10.0.17763.2183 cpe:2.3:o:microsoft:windows_10_1809:10.0.17763.2183:*:*:*:*:*:x86:*
MicrosoftWindows Server 2019 10.0.0 ~ 10.0.17763.2183 cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2183:*:*:*:*:*:*:*
MicrosoftWindows Server 2019 (Server Core installation) 10.0.0 ~ 10.0.17763.2183 cpe:2.3:o:microsoft:windows_server_2019:10.0.17763.2183:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 1909 10.0.0 ~ 10.0.18363.1801 cpe:2.3:o:microsoft:windows_10_1909:10.0.18363.1801:*:*:*:*:*:x86:*
MicrosoftWindows 10 Version 21H1 10.0.0 ~ 10.0.19043.1237 cpe:2.3:o:microsoft:windows_10_21H1:10.0.19043.1237:*:*:*:*:*:x64:*
MicrosoftWindows Server 2022 10.0.0 ~ 10.0.20348.230 cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.230:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 2004 10.0.0 ~ 10.0.19041.1237 cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.1237:*:*:*:*:*:x64:*
MicrosoftWindows Server version 2004 10.0.0 ~ 10.0.19041.1237 cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.1237:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 20H2 10.0.0 ~ 10.0.19042.1237 cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.1237:*:*:*:*:*:x86:*
MicrosoftWindows Server version 20H2 10.0.0 ~ 10.0.19042.1237 cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.1237:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 1507 10.0.0 ~ 10.0.10240.19060 cpe:2.3:o:microsoft:windows_10_1507:10.0.10240.19060:*:*:*:*:*:x86:*
MicrosoftWindows 10 Version 1607 10.0.0 ~ 10.0.14393.4651 cpe:2.3:o:microsoft:windows_10_1607:10.0.14393.4651:*:*:*:*:*:x86:*
MicrosoftWindows Server 2016 10.0.0 ~ 10.0.14393.4651 cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651:*:*:*:*:*:*:*
MicrosoftWindows Server 2016 (Server Core installation) 10.0.0 ~ 10.0.14393.4651 cpe:2.3:o:microsoft:windows_server_2016:10.0.14393.4651:*:*:*:*:*:*:*
MicrosoftWindows 7 6.1.0 ~ 6.1.7601.25712 cpe:2.3:o:microsoft:windows_7:6.1.7601.25712:sp1:*:*:*:*:x86:*
MicrosoftWindows 7 Service Pack 1 6.1.0 ~ 6.1.7601.25712 cpe:2.3:o:microsoft:windows_7:6.1.7601.25712:sp1:*:*:*:*:x64:*
MicrosoftWindows 8.1 6.3.0 ~ 6.3.9600.20120 cpe:2.3:o:microsoft:windows_8.1:6.3.9600.20120:*:*:*:*:*:x86:*
MicrosoftWindows Server 2008 Service Pack 2 6.0.0 ~ 6.0.6003.21218 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21218:*:*:*:*:*:x64:*
MicrosoftWindows Server 2008 Service Pack 2 (Server Core installation) 6.0.0 ~ 6.0.6003.21218 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21218:*:*:*:*:*:x64:*
MicrosoftWindows Server 2008 Service Pack 2 6.0.0 ~ 6.0.6003.21218 cpe:2.3:o:microsoft:windows_server_2008_sp2:6.0.6003.21218:*:*:*:*:*:x86:*
MicrosoftWindows Server 2008 R2 Service Pack 1 6.1.0 ~ 6.1.7601.25712 cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25712:*:*:*:*:*:x64:*
MicrosoftWindows Server 2008 R2 Service Pack 1 (Server Core installation) 6.0.0 ~ 6.1.7601.25712 cpe:2.3:o:microsoft:windows_server_2008_R2:6.1.7601.25712:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 6.2.0 ~ 6.2.9200.23462 cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23462:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 (Server Core installation) 6.2.0 ~ 6.2.9200.23462 cpe:2.3:o:microsoft:windows_server_2012:6.2.9200.23462:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 R2 6.3.0 ~ 6.3.9600.20120 cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20120:*:*:*:*:*:x64:*
MicrosoftWindows Server 2012 R2 (Server Core installation) 6.3.0 ~ 6.3.9600.20120 cpe:2.3:o:microsoft:windows_server_2012_R2:6.3.9600.20120:*:*:*:*:*:x64:*
二、漏洞 CVE-2021-40444 的公开POC
#POC 描述源链接神龙链接
1Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444https://github.com/ozergoker/CVE-2021-40444POC详情
2CVE-2021-40444 POChttps://github.com/DarkSprings/CVE-2021-40444POC详情
3Nonehttps://github.com/rfcxv/CVE-2021-40444-POCPOC详情
4根据已知样本反编译代码https://github.com/bambooqj/CVE-2021-40444_EXP_JSPOC详情
5Nonehttps://github.com/Immersive-Labs-Sec/cve-2021-40444-analysisPOC详情
6Nonehttps://github.com/vysecurity/CVE-2021-40444POC详情
7CVE-2021-40444 Sample https://github.com/Udyz/CVE-2021-40444-SamplePOC详情
8CVE-2021-40444 PoChttps://github.com/lockedbyte/CVE-2021-40444POC详情
9Nonehttps://github.com/fengjixuchui/CVE-2021-40444-docx-GeneratePOC详情
10Nonehttps://github.com/KnoooW/CVE-2021-40444-docx-GeneratePOC详情
11A malicious .cab creation tool for CVE-2021-40444https://github.com/mansk1es/CaboomPOC详情
12Reverse engineering the "A Letter Before Court 4.docx" malicious files exploting cve-2021-40444https://github.com/jamesrep/cve-2021-40444POC详情
13Nonehttps://github.com/W1kyri3/Exploit-PoC-CVE-2021-40444-inject-ma-doc-vao-docxPOC详情
14This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploithttps://github.com/aslitsecurity/CVE-2021-40444_buildersPOC详情
15POC for CVE-2021-40444https://github.com/khoaduynu/CVE-2021-40444POC详情
16Malicious document builder for CVE-2021-40444 https://github.com/Jeromeyoung/MSHTMHellPOC详情
17Nonehttps://github.com/k8gege/CVE-2021-40444POC详情
18CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploithttps://github.com/klezVirus/CVE-2021-40444POC详情
19CVE-2021-40444 - Custom CAB templates from MakeCABhttps://github.com/Udyz/CVE-2021-40444-CABPOC详情
20Modified code so that we don´t need to rely on CAB archiveshttps://github.com/Edubr2020/CVE-2021-40444--CABlessPOC详情
21CVE 2021 40444 Windows Exploit services.dllhttps://github.com/kal1gh0st/CVE-2021-40444_CAB_archivesPOC详情
22This docx exploit uses res files inside Microsoft .docx file to execute malicious files. This exploit is related to CVE-2021-40444https://github.com/LazarusReborn/Docx-Exploit-2021POC详情
23Nonehttps://github.com/H0j3n/CVE-2021-40444POC详情
24Nonehttps://github.com/metehangenel/MSHTML-CVE-2021-40444POC详情
25TIC4301 Project - CVE-2021-40444https://github.com/Jeromeyoung/TIC4301_ProjectPOC详情
26Nonehttps://github.com/TiagoSergio/CVE-2021-40444POC详情
27An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework.https://github.com/wh00datz/CVE-2021-40444-POCPOC详情
28Contains the offensive (exploit and auxiliary) modules for the CVE-2021-40444.https://github.com/Zeop-CyberSec/word_mshtmlPOC详情
29Nonehttps://github.com/Alexcot25051999/CVE-2021-40444POC详情
30Nonehttps://github.com/lisinan988/CVE-2021-40444-expPOC详情
31CVE-2021-40444https://github.com/34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-ExploitPOC详情
32Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploithttps://github.com/MRacumen/CVE-2021-40444POC详情
33Nonehttps://github.com/RedLeavesChilde/CVE-2021-40444POC详情
34Nonehttps://github.com/nvchungkma/CVE-2021-40444-Microsoft-Office-Word-Remote-Code-Execution-POC详情
35Nonehttps://github.com/hqdat809/CVE-2021-40444POC详情
36Nonehttps://github.com/tiagob0b/CVE-2021-40444POC详情
37An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework.https://github.com/kagura-maru/CVE-2021-40444-POCPOC详情
38For learning purpose did a complete analysis on CVE-2021-40444 POC (proof of concept)https://github.com/skitkat/CVE-2021-40444-POCPOC详情
39CVE-2021-40444 Sample https://github.com/k4k4/CVE-2021-40444-SamplePOC详情
40CVE-2021-40444 - Custom CAB templates from MakeCABhttps://github.com/Phuong39/CVE-2021-40444-CABPOC详情
41This repository contains scripts and resources for exploiting the Follina CVE and CVE-2021-40444 vulnerabilities in Microsoft Office. The scripts generate malicious document files that can execute arbitrary code on the target system.https://github.com/basim-ahmad/Follina-CVE-and-CVE-2021-40444POC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2021-40444 的情报信息
Please 登录 to view more intelligence information
四、漏洞 CVE-2021-40444 的评论

暂无评论

发表评论