漏洞描述
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Microsoft Server Message Block (SMB)协议软件处理特制SMB报文时存在未经身份验证的远程代码执行漏洞。利用该漏洞不要求进行身份验证,从而使攻击者通过发送特制的SMB报文到运行Server服务的计算机来利用此漏洞。成功利用此漏洞可完全控制受影响系统。
Microsoft Windows SMB操作解析远程代码执行漏洞
PoC代码
暂无相关漏洞推荐
- POC sharepoint-lists-api-disclosure: Microsoft SharePoint - List API Disclosure
- POC CVE-2025-13315: Twonky Server 8.5.2 on Linux and Windows - Log File Exposure
- POC sharepoint-layouts-disclosure: Microsoft SharePoint - Layouts Disclosure
- POC sharepoint-masterpage-disclosure: Microsoft SharePoint - Master Page Disclosure
- POC sharepoint-site-metadata-disclosure: Microsoft SharePoint - Site Metadata Disclosure
- POC sharepoint-sitepages-disclosure: Microsoft SharePoint - Site Pages Disclosure
- POC CVE-2025-49706: Microsoft SharePoint Server - Authentication Bypass
- Windows PolicyConfiguration 计划任务特权提升漏洞(CVE-2025-60710)
- Windows 11 PolicyConfiguration 计划任务特权提升漏洞(CVE-2025-60710)
- Windows 11 RAiLaunchAdminProcess 管理员保护特权提升漏洞
- (CVE-2025-62522)Vite开发服务器Windows环境下文件泄露漏洞
- (CVE-2025-53770)Microsoft SharePoint Server反序列化漏洞允许远程代码执行
- (CVE-2025-41246) VMware Tools for Windows授权不当漏洞