Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-31166— HTTP Protocol Stack Remote Code Execution Vulnerability

CVSS 9.8 · Critical KEV EPSS 93.07% · P100
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-31166

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
HTTP Protocol Stack Remote Code Execution Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
HTTP Protocol Stack Remote Code Execution Vulnerability
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft HTTP.sys 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft HTTP.sys是美国微软(Microsoft)公司的一个应用协议。HTTP应用协议。 HTTP.sys存在资源管理错误漏洞。以下产品和版本受到影响:Windows 10 Version 2004 for 32-bit Systems,Windows 10 Version 2004 for ARM64-based Systems,Windows 10 Version 2004 for x64-based Systems,Windows Server, version 2004 (Ser
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
MicrosoftWindows 10 Version 2004 10.0.0 ~ 10.0.19041.982 cpe:2.3:o:microsoft:windows_10_1809:10.0.19041.982:*:*:*:*:*:x64:*
MicrosoftWindows Server version 2004 10.0.0 ~ 10.0.19041.982 cpe:2.3:o:microsoft:windows_server_2004:10.0.19041.982:*:*:*:*:*:*:*
MicrosoftWindows 10 Version 20H2 10.0.0 ~ 10.0.19042.982 cpe:2.3:o:microsoft:windows_10_20H2:10.0.19042.982:*:*:*:*:*:x86:*
MicrosoftWindows Server version 20H2 10.0.0 ~ 10.0.19042.982 cpe:2.3:o:microsoft:windows_server_20H2:10.0.19042.982:*:*:*:*:*:*:*

II. Public POCs for CVE-2021-31166

#POC DescriptionSource LinkShenlong Link
1Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.https://github.com/0vercl0k/CVE-2021-31166POC Details
2PoC for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely. Although it was defined as remote command execution, it can only cause the system to crash.https://github.com/zha0gongz1/CVE-2021-31166POC Details
3Different rules to detect if CVE-2021-31166 is being exploitedhttps://github.com/mvlnetdev/CVE-2021-31166-detection-rulesPOC Details
4HTTP Protocol Stack CVE-2021-31166https://github.com/corelight/CVE-2021-31166POC Details
5simple bash script for exploit CVE-2021-31166https://github.com/zecopro/CVE-2021-31166POC Details
6Nonehttps://github.com/bgsilvait/WIn-CVE-2021-31166POC Details
7http.sys remote UAF to Leak Credentialhttps://github.com/Udyz/CVE-2021-31166POC Details
8Exploit for MS Http Protocol Stack RCE vulnerability (CVE-2021-31166)https://github.com/y0g3sh-99/CVE-2021-31166-ExploitPOC Details
9Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166https://github.com/antx-code/CVE-2021-31166POC Details
10Just a simple CVE-2021-31166 exploit toolhttps://github.com/imikoYa/CVE-2021-31166-exploitPOC Details
11CVE-2021-31166: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.https://github.com/mauricelambert/CVE-2021-31166POC Details
12Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166https://github.com/ZZ-SOCMAP/CVE-2021-31166POC Details
13Just a simple CVE-2021-31166 exploit toolhttps://github.com/iranzai/CVE-2021-31166-exploitPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-31166

登录查看更多情报信息。

Same Patch Batch · Microsoft · 2021-05-11 · 52 CVEs total

CVE-2021-284769.9 CRITICALWindows Hyper-V Remote Code Execution Vulnerability
CVE-2021-284748.8 HIGHMicrosoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-284558.8 HIGHMicrosoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vul
CVE-2021-311818.8 HIGHMicrosoft SharePoint Remote Code Execution Vulnerability
CVE-2021-311948.8 HIGHOLE Automation Remote Code Execution Vulnerability
CVE-2021-270688.8 HIGHVisual Studio Remote Code Execution Vulnerability
CVE-2021-312087.8 HIGHWindows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-311657.8 HIGHWindows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-311687.8 HIGHWindows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-311707.8 HIGHWindows Graphics Component Elevation of Privilege Vulnerability
CVE-2021-311697.8 HIGHWindows Container Manager Service Elevation of Privilege Vulnerability
CVE-2021-312117.8 HIGHVisual Studio Code Remote Code Execution Vulnerability
CVE-2021-284657.8 HIGHWeb Media Extensions Remote Code Execution Vulnerability
CVE-2021-311807.8 HIGHMicrosoft Office Graphics Remote Code Execution Vulnerability
CVE-2021-312147.8 HIGHVisual Studio Code Remote Code Execution Vulnerability
CVE-2021-311797.8 HIGHMicrosoft Office Remote Code Execution Vulnerability
CVE-2021-311777.8 HIGHMicrosoft Office Remote Code Execution Vulnerability
CVE-2021-311757.8 HIGHMicrosoft Office Remote Code Execution Vulnerability
CVE-2021-311767.8 HIGHMicrosoft Office Remote Code Execution Vulnerability
CVE-2021-311877.8 HIGHWindows WalletService Elevation of Privilege Vulnerability

Showing top 20 of 52 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Windows 10 Version 2004
Same vendor: Microsoft

V. Comments for CVE-2021-31166

No comments yet

Leave a comment