Exploit for #VU18446 Input validation error in Windows Server and Windows

Vulnerability identifier: #VU18446

Vulnerability risk: High

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2019-0708

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 47

• March 25, 2023
  • Detect-BlueKeep (a simple tool to detect the exploitation of BlueKeep vulnerability (CVE-2019-0708)) [Github]
• August 23, 2021
  • Nephael-CVE-2019-0708-Exploit (MS CVE 2019-0708 Python Exploit) [Github]
• June 17, 2021
  • Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit) [Exploit-DB]
  • Microsoft Windows - BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit) [Exploit-DB]
• January 31, 2021
  • Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit (Scan through given ip list) [Github]
• November 10, 2020
  • CVE-2019-0708-PoC (CVE-2019-0708-PoC It is a semi-functional exploit capable of remotely accessing a Windows computer by exploiting the aforementioned vulnerability, this repository also contains notes on how to complete the attack.) [Github]
• November 3, 2020
  • CVE-2019-0708-EXP-MSF- (CVE-2019-0708-EXP(MSF) Vulnerability exploit program for cve-2019-0708) [Github]
• April 27, 2020
  • Wincrash (Mass exploit for CVE-2019-0708) [Github]
• April 7, 2020
  • CVE-2019-0708-Poc-exploit (CVE-2019-0708 EXPloit-poc 漏洞描述 微软官方紧急发布安全补丁，修复了一个Windows远程桌面服务的远程代码执行漏洞CVE-2019-0708，该漏洞影响了某些旧版本的Windows系统。此漏洞是预身份验证，无需用户交互。当未经身份验证的攻击者使用RDP（常见端口3389）连接到目标系统并发送特制请求时，可以在目标系统上执行任意命令。甚至传播恶意蠕虫，感染内网其他机器。类似于2017年爆发的WannaCry等恶意勒索软件病毒 [Github]
• March 18, 2020
  • CVE-2019-0708-EXPloit-3389 (EXPloit-poc: https://pan.baidu.com/s/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8) [Github]
  • CVE-2019-0708 (Proof of concept exploit for CVE-2019-0708) [Github]
  • CVE-2019-0708-poc (proof of concept exploit for Microsoft Windows 7 and Server 2008 RDP vulnerability) [Github]
  • Wincrash (Mass exploit for CVE-2019-0708) [Github]
  • ispy (ispy V1.0 - Eternalblue(ms17-010)/Bluekeep(CVE-2019-0708) Scanner and exploit ( Metasploit automation )) [Github]
  • XploitHunt (XploitHunt is tool which help pentester to get exploit details by providing CVE-IDs) [Github]
  • CVE-2019-0708-PoC (Windows RPD Exploit) [Github]
  • CVE-2019-0708-EXPloit (POCexp:https://pan.baidu.com/s/184gN1tJVIOYqOjaezM_VsA 提取码:e2k8 ) [Github]
  • []
  • CVE-2019-0708 (A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerabilit [Github]
  • CVE-2019-0708 (A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerabilit [Github]
  • CVE-2019-0708 (CVE-2019-0708 Exploit) [Github]
  • Remote-Desktop-Services-Remote-Code-Execution-Vulnerability-CVE-2019-0708- (rce exploit , made to work with pocsuite3) [Github]
  • CVE-2020-0601 (A Windows Crypto Exploit) [Github]
  • cve_searchsploit (Search an exploit in the local exploitdb database by its CVE) [Github]
  • RDS_CVE-2019-0708 (exploit CVE-2019-0708 RDS) [Github]
  • CVE-2019-0708-Exploit (Using CVE-2019-0708 to Locally Promote Privileges in Windows 10 System) [Github]
  • CVE-2019-0708-exploit (CVE-2019-0708-exploit) [Github]
  • CVE-2019-0708 (A Win7 RDP exploit) [Github]
  • CVE-2019-0708 (PoC exploit for BlueKeep (CVE-2019-0708)) [Github]
  • CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check [Metasploit]
  • CVE-2019-0708 (CVE-2019-0708 RDP Remote Code Execute Exploit ) [Github]
  • Mass-scanner-for-CVE-2019-0708-RDP-RCE-Exploit (Scan through given ip list) [Github]
  • CVE-2019-0708 (High level exploit) [Github]
  • CVE-2019-0709 (Exploit In Progress) [Github]
  • CVE-2019-0708-Tool (A social experiment) [Github]
  • CVE-2019-0709 (CVE-2019-0708 Exploit using Python) [Github]
  • CVE-2019-0708 (3389远程桌面代码执行漏洞CVE-2019-0708批量检测工具(Rdpscan Bluekeep Check)) [Github]
  • cve-2019-0708 (CVE-2019-0708 Exploit Tool) [Github]
  • bluekeep_CVE-2019-0708_poc_to_exploit (An Attempt to Port BlueKeep PoC from @Ekultek to actual exploits) [Github]
  • cve_2019_0708_bluekeep_rce (bluekeep exploit) [Github]
  • CVE-2019-0708 (CVE-2019-0708 With Metasploit-Framework Exploit) [Github]
  • msf-module-CVE-2019-0708 (Metasploit module for CVE-2019-0708 (BlueKeep) - https://github.com/rapid7/metasploit-framework/tree/5a0119b04309c8e61b44763ac08811cd3ecbbf8d/modules/exploits/windows/rdp) [Github]
  • CVE-2019-0708-EXP-MSF- (CVE-2019-0708-EXP(MSF) Vulnerability exploit program for cve-2019-0708) [Github]
  • bluekeep (CVE- 2019-0708 مرحبا هذه هي ثغرة الارديبي الاخيرة رقمها ) [Github]
  • CVE-2019-0708 (initial exploit for CVE-2019-0708, BlueKeep CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indic [Github]
  • bluekeep-exploit (Bluekeep(CVE 2019-0708) exploit released) [Github]
  • CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free [Metasploit]

Vulnerable software:
Windows Server
Operating systems & Components / Operating system
Windows
Operating systems & Components / Operating system

Vendor: Microsoft