Add files via upload

nu11secur1ty · Mar 20, 2024 · 5040049 · 5040049
1 parent 61d0cd9
commit 5040049
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/2024/CVE-2024-21413/docs/report.txt b/2024/CVE-2024-21413/docs/report.txt
@@ -0,0 +1,29 @@
+## Title: Microsoft Outlook Remote Code Execution Vulnerability
+## Author: nu11secur1ty
+## Date: 03/20/2024
+## Vendor: https://www.microsoft.com/
+## Software: https://www.microsoft.com/en/microsoft-365/outlook/email-and-calendar-software-microsoft-outlook
+## Reference: https://www.bugcrowd.com/glossary/remote-code-execution-rce/
+
+## Description:
+By sending a malicious (.docm) file, to the victim using the Outlook mail – app of 365, the attacker will wait for the victim to click on it by using and executing his malicious code after the victim opens this file. After this action, the attacker can get control of some parts of the Windows services, he can steal sensitive information, and make a bot machine from the victim’s PC.
+
+STATUS: MEDIUM- Vulnerability
+
+
+## Proof and Exploit:
+[href](https://youtu.be/uzAgkP6exGI?si=347wEcTyIzkG0MMY)
+
+## Time spent:
+01:17:00
+
+
+-- 
+System Administrator - Infrastructure Engineer
+Penetration Testing Engineer
+Exploit developer at https://packetstormsecurity.com/ https://cve.mitre.org/index.html
+https://cxsecurity.com/ and https://www.exploit-db.com/
+0day Exploit DataBase https://0day.today/
+home page: https://www.nu11secur1ty.com/
+hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
+                          nu11secur1ty <http://nu11secur1ty.com/>