CVE-2022-21907
HTTP Protocol Stack Remote Code Execution Vulnerability
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
14
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Attend
*SSVC
Descriptions
HTTP Protocol Stack Remote Code Execution Vulnerability
Una vulnerabilidad de Ejecución de Código Remota en HTTP Protocol Stack
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Attend
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-12-14 CVE Reserved
- 2022-01-11 CVE Published
- 2022-01-17 First Exploit
- 2024-11-15 EPSS Updated
- 2024-11-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (16)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/polakow/CVE-2022-21907 | 2022-04-15 | |
| https://www.exploit-db.com/exploits/51575 | 2023-07-07 | |
| https://github.com/ZZ-SOCMAP/CVE-2022-21907 | 2022-01-20 | |
| https://github.com/p0dalirius/CVE-2022-21907-http.sys | 2024-03-16 | |
| https://github.com/michelep/CVE-2022-21907-Vulnerability-PoC | 2022-01-23 | |
| https://github.com/mauricelambert/CVE-2022-21907 | 2022-03-07 | |
| https://github.com/Malwareman007/CVE-2022-21907 | 2024-08-04 | |
| https://github.com/xiska62314/CVE-2022-21907 | 2022-01-17 | |
| https://github.com/kamal-marouane/CVE-2022-21907 | 2024-01-19 | |
| https://github.com/asepsaepdin/CVE-2022-21907 | 2023-09-03 | |
| https://github.com/cassie0206/CVE-2022-21907 | 2023-06-25 | |
| https://github.com/EzoomE/CVE-2022-21907-RCE | 2023-05-22 | |
| https://github.com/gpiechnik2/nmap-CVE-2022-21907 | 2022-04-16 | |
| http://packetstormsecurity.com/files/166730/Microsoft-HTTP-Protocol-Stack-Denial-Of-Service.html | 2023-12-21 |
| URL | Date | SRC |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21907 | 2023-12-21 |
| URL | Date | SRC |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21907 | 2024-11-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 20h2 Search vendor "Microsoft" for product "Windows 10" and version "20h2" | arm64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 20h2 Search vendor "Microsoft" for product "Windows 10" and version "20h2" | x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 20h2 Search vendor "Microsoft" for product "Windows 10" and version "20h2" | x86 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 21h1 Search vendor "Microsoft" for product "Windows 10" and version "21h1" | arm64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 21h1 Search vendor "Microsoft" for product "Windows 10" and version "21h1" | x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 21h1 Search vendor "Microsoft" for product "Windows 10" and version "21h1" | x86 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 21h2 Search vendor "Microsoft" for product "Windows 10" and version "21h2" | arm64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 21h2 Search vendor "Microsoft" for product "Windows 10" and version "21h2" | x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 21h2 Search vendor "Microsoft" for product "Windows 10" and version "21h2" | x86 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 1809 Search vendor "Microsoft" for product "Windows 10" and version "1809" | arm64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 1809 Search vendor "Microsoft" for product "Windows 10" and version "1809" | x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 10 Search vendor "Microsoft" for product "Windows 10" | 1809 Search vendor "Microsoft" for product "Windows 10" and version "1809" | x86 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 11 Search vendor "Microsoft" for product "Windows 11" | - | arm64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows 11 Search vendor "Microsoft" for product "Windows 11" | - | x64 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server Search vendor "Microsoft" for product "Windows Server" | 20h2 Search vendor "Microsoft" for product "Windows Server" and version "20h2" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server Search vendor "Microsoft" for product "Windows Server" | 2022 Search vendor "Microsoft" for product "Windows Server" and version "2022" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Windows Server 2019 Search vendor "Microsoft" for product "Windows Server 2019" | - | - |
Affected
| ||||||