Tag
#Windows HTTP Protocol Stack
CVE-2023-23392: HTTP Protocol Stack Remote Code Execution Vulnerability
**How could an attacker exploit this vulnerability?** In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets.
CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability
**How could an attacker exploit this vulnerability?** In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. **Is this wormable?** Yes. Microsoft recommends prioritizing the patching of affected servers.