HTTP Protocol Stack Remote Code Execution Vulnerability (DOS)

Description

A vulnerability in the Microsoft Windows HTTP Protocol Stack (HTTP.sys) allows remote attackers to execute arbitrary code or cause a system crash on the host operating system.

Recommendation

Immediately apply the latest security updates provided by Microsoft to mitigate this vulnerability. Regularly update your Windows systems to ensure they are protected against known security risks.

References

• Microsoft: HTTP Protocol Stack Remote Code Execution Vulnerability
• CVE-2021-31166
• CAPEC-310
• OWASP 2021-A6

Related Issues

• Drupal 'Drupalgeddon2' Remote Code Execution - CVE-2018-7600
• Insecure Deserialization Remote Code Execution - Vulnerability
• Joomla Remote Command Execution - Vulnerability
• Nginx Code Execution due to Misconfiguration - Vulnerability

Tags:

DOS

Windows