Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-21907 PoC — HTTP Protocol Stack Remote Code Execution Vulnerability

Source
https://github.com/iveresk/cve-2022-21907-http.sys
Associated Vulnerability
Title:HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2022-21907)
Description:HTTP Protocol Stack Remote Code Execution Vulnerability
Description
An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request header triggering a double free in the unknown coding-list inside the HTTP Protocol Stack (http.sys) to process packets, resulting in a kernel crash.
Readme
# cve-2022-21907-http.sys by 1vere$k
CVE-2022-21907 - Double Free in http.sys driver.  

## Summary
An unauthenticated attacker can send an HTTP request with an "Accept-Encoding" HTTP request header triggering a double free in the unknown coding-list inside the HTTP Protocol Stack (http.sys) to process packets, resulting in a kernel crash.

## Vulnerable systems

Windows Server 2019 and Windows 10 version 1809:
- Not vulnerable by default. Unless you have set the HTTP Trailer Support.
- Windows 10 version 2004 (build 19041.450): **Vulnerable**

## Contact
You are free to contact me via [Keybase](https://keybase.io/1veresk) for any details.
File Snapshot

 [4.0K]  /data/pocs/1a73b00a93441563debb0741cb72e33f7dcca0b4
├── [3.3K]  cve-2022-21907-1veresk.sh
├── [ 288]  input.txt
├── [1.0K]  LICENSE
├── [ 648]  README.md
└── [ 468]  shodan-grep.sh

0 directories, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →