3.7.7 CVE-2018-0824

漏洞名称

CVE-2018-0824

漏洞等级

高危

漏洞描述

可在未打微软2018年6月份安全补丁的win7x64,server2008r2x64运行,支持webshell模式,支持任意用户运行,运行后获得一个system权限的cmd

漏洞影响

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for Itanium-Based Systems ServicePack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 R2 for Itanium-Based Systems ServicePack 1

Windows Server 2008 R2 for x64-based Systems ServicePack 1

Windows Server 2008 R2 for x64-based Systems ServicePack 1

复现过程

实验环境:Windows Server 2008 R2

漏洞修复

微软已经发布安全公告及相应的补丁。

Previous3.7.6 CVE-2018-8120Next3.8 linux系统漏洞

Last updated