Vulnerability identifier: #VU6183

Vulnerability risk: Critical

CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2017-7269

CWE-ID: CWE-119

Exploitation vector: Network

Exploits in database: 9

• April 7, 2020
  • Exploits (Containing Self Made Perl Reproducers / PoC Codes) [Github]
• March 18, 2020
  • Alien-Framework (Alien-Framework, it is a framework with many CVE exploits and tools to use in pen-testing.) [Github]
  • webdav_exploit (An exploit for Microsoft IIS 6.0 CVE-2017-7269) [Github]
  • CVE-2017-7269-exploit (exec 8 bytes command) [Github]
  • iis6-exploit-2017-CVE-2017-7269 (iis6 exploit 2017 CVE-2017-7269) [Github]
  • IIS_6.0_WebDAV_Ruby (Ruby Exploit for IIS 6.0 Buffer Overflow (CVE-2017-7269)) [Github]
  • Microsoft IIS - WebDav 'ScStoragePathFromUrl' Overflow (Metasploit) [Exploit-DB]
  • Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow [Exploit-DB]
  • Microsoft IIS WebDav ScStoragePathFromUrl Overflow [Metasploit]

Impact: Code execution

Vulnerable software:
Microsoft IIS
Server applications / Web servers
Windows Server
Operating systems & Components / Operating system
Windows
Operating systems & Components / Operating system

Vendor: Microsoft