CVE-2017-7269

Risk Scores

Exploit Intelligence

• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc-repo)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc-repo)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc-repo)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc-repo)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc-repo)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc-repo)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc-repo)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc)
• Penetration testing assessment of a vulnerable IIS 6.0 WebDAV server, demonstrating reconnaissance, enumeration, exploitation (CVE-2017-7269), and privilege escalation to SYSTEM, along with risk analysis and remediation strategies. (github-poc)

…and 328 more exploits

Timeline

• CVE Published
• Mar 27, 2017 PoC Published
• Mar 28, 2017 PoC Published
• May 11, 2017 PoC Published
• May 11, 2017 PoC Published
• Sep 14, 2017 PoC Published
• Jan 10, 2018 PoC Published
• May 29, 2018 PoC Published
• Oct 9, 2020 PoC Published
• Oct 9, 2020 PoC Published
• Apr 14, 2021 EPSS Score
• Jun 23, 2021 EPSS Score

References

• https://dyn.cncs.gov.pt/pt/alerta-detalhe/art/134964/alerta-de-vulnerabilidade-iis-60-com-webdav advisory
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7269 technical
• https://www.helpnetsecurity.com/2017/03/30/cve-2017-7269/ technical
• http://blog.trendmicro.com/trendlabs-security-intelligence/iis-6-0-vulnerability-leads-code-execution/ technical
• https://github.com/edwardz246003/IIS_exploit technical
• https://dyn.cncs.gov.pt/pt/alerta-detalhe/art/134975/alerta-de-vulnerabilidades-windows-xp advisory
• http://www.securityweek.com/windows-xp-receives-patches-more-shadow-brokers-exploits technical