Excite IT, Brace168, and VITCS Merge to Form Excite Cyber: A New Era of Fearless Technology Solutions > Learn more

Common Vulnerabilities and Exposures

CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability

Description:

The exploit works by spraying an IIS server via several large GET HTTP requests and finishes with a malformed HTTP request.

Mitigation:

Windows Server 2019 and Windows 10 version 1809 are not vulnerable by default. Unless you have enabled the HTTP Trailer Support via EnableTrailerSupport registry value, the systems are not vulnerable.

This mitigation only applies to Windows Server 2019 and Windows 10, version 1809 and does not apply to Windows 10, version 20H2 and newer.

Recent blog posts

Merger Announcement

TikTok bans: why should other social media get a pass?

Matter – the new standard in IoT

Need help with this?

Enter your details below and one of our team will get in touch

Excite IT, Brace168, and VITCS Merge to Form Excite Cyber: A New Era of Fearless Technology Solutions > Learn more

Common Vulnerabilities and Exposures

Recent blog posts

Merger Announcement

TikTok bans: why should other social media get a pass?

Matter – the new standard in IoT

Need help with this?

Other Similar Articles

Can we use and trust AI in Cyber Security?

Partner Message Check Point

Partner News – Check Point Harmony Offer

AusCERT 2022

Our Office

Call Us

Email Address