Exploit for #VU29761 Buffer overflow in Windows Server

Vulnerability identifier: #VU29761

Vulnerability risk: Critical

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2020-1350

CWE-ID: CWE-119

Exploitation vector: Network

Exploits in database: 22

• October 8, 2022
  • CVE-2020-1350-checker.ps1 (Comprueba si su servidor DNS es vulnerable a la ejecución remota de código.) [Github]
• September 21, 2020
  • CPR-Zero: CVE-2020-1350 [CPR CheckPoint]
• August 21, 2020
  • NSE-scripts (NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473) [Github]
• July 28, 2020
  • CVE-2020-1350-Fix (A registry-based workaround can be used to help protect an affected Windows server, and it can be implemented without requiring an administrator to restart the server. Because of the volatility of this vulnerability, administrators may [Github]
• July 20, 2020
  • CVE-2020-1350 (DNS Vulnerability - CVE-2020-1350) [Github]
  • NSE-scripts (NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST) [Github]
  • Fake_CVE-2020-1350 (Fake exploit tool, designed to rickroll users attempting to actually exploit.) [Github]
  • CVE-2020-1350-poc (A universal poc of CVE-2020-1350 that makes the dns.exe easy to crash) [Github]
  • CVE-2020-1350 (Scanner and Mitigator for CVE 2020-1350) [Github]
  • CVE-2020-1350 (CVE-2020-1350 Proof-of-Concept) [Github]
  • CVE-2020-1350 () [Github]
  • CVE-2020-1350-poc (A basic proof of concept for CVE-2020-1350) [Github]
  • CVE-2020-1350-checker (Script para comprobar si la vulneravilidad relacionada con CVE-2020-1350 es aplicable a su Windows Server.) [Github]
  • CVE-2020-1350-checker.ps1 (Comprueba si su servidor DNS es vulnerable a la ejecución remota de código.) [Github]
• July 17, 2020
  • CVE-2020-1350 (Denial of Service PoC for CVE-2020-1350 (SIGRed)) [Github]
• July 16, 2020
  • windows-dns-SIGRed (InSpec Profile to identify systems vulnerable to CVE-2020-1350) [Github]
  • SIGRed (Detection of attempts to exploit Microsoft Windows DNS server via CVE-2020-1350 (AKA SIGRed)) [Github]
  • CVE-2020-1350-DoS (A denial-of-service proof-of-concept for CVE-2020-1350) [Github]
• July 15, 2020
  • dRMM-CVE-2020-1350-response (Windows registry mitigation response to CVE-2020-1350) [Github]
  • CVE-2020-1350 (This Powershell Script is checking if your server is vulnerable for the CVE-2020-1350 Remote Code Execution flaw in the Windows DNS Service) [Github]
  • CVE-2020-1350 () [Github]
  • cve-2020-1350 (Bash Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2003 up to Windows Server 2019.) [Github]

Vulnerable software:
Windows Server
Operating systems & Components / Operating system

Vendor: Microsoft