Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2023-23397 PoC — Microsoft Outlook Elevation of Privilege Vulnerability

Source
https://github.com/madelynadams9/CVE-2023-23397-Report
Associated Vulnerability
Title:Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)
Description:Microsoft Outlook Elevation of Privilege Vulnerability
Description
An exploitation demo of Outlook Elevation of Privilege Vulnerability
Readme
# CVE-2023-23397-Report
An exploitation demo of Outlook Elevation of Privilege Vulnerability

CVE-2023-23397 is a critical EoP vulnerability in Microsoft Outlook that is triggered when an attacker sends a message with an extended MAPI property with a 
UNC path to an SMB (TCP 445) share on a threat actor-controlled server on an untrusted network. No user interaction is required. The threat actor is using a connection 
to the remote SMB server sends the user’s NTLM negotiation message, which the attacker can then relay for authentication against other systems that support 
NTLM authentication.
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →