NOMISEC-hycheng15/CVE-2022-30190

NOMISEC WORKING POC

Exploit for CVE-2022-30190 - Microsoft Office Word MSDTJS

AI Analysis

This repository contains a Python script that generates a malicious Word document exploiting CVE-2022-30190 (Follina). The exploit leverages the MS-MSDT protocol to execute arbitrary commands, including launching a reverse shell via netcat.

Attack Type

RCE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1204.002 - Malicious File T1190 - Exploit Public-Facing Application T1059.001 - PowerShell

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type client-side

Files 24

https://github.com/hycheng15/CVE-2022-30190

Stars 1

Forks 0

Last Push Nov 14, 2023

Authors

JohnHammond hycheng15

Vulnerability

CVE-2022-30190

Microsoft Office Word MSDTJS

HIGH KEV

CVSS 7.8