Skip to content

Bailuleader/CVE-2023-21752

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 

Repository files navigation

CVE-2023-21752

PoC for arbitrary file delete vulnerability in Windows Backup service.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21752

This repo contains two exploits:

v1 - Just perform file delete of user choice

v2 - Tries to abuse arb delete to spawn elevated cmd shell (not very stable probably need to run it couple of times, better work on phisycal machine)

poc.mp4

Timeline

  • 07/07/2022 - Vulnerability reported to MSRC
  • 08/10/2022 - MSRC confirmed vulnerability
  • 08/12/2022 - Bounty awarded
  • 01/10/2023 - Patch released

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C++ 98.9%
  • C 1.1%