yaracroft : "+ (PoC) **CVE-2023-23397** > An attacker is able…" - nanao

yaracroft @venom@nanao.cybtex.fr

(PoC) CVE-2023-23397

An attacker is able to force a victim to make a connection to its server without manipulation from the user (zero click vulnerability). An attacker exploiting this vulnerability retrieves a NetNTLMv2 digest based on the password of the trapped user through an SMB request #microsoft #vuln #outlook #software #threats #informatique

https://github.com/Trackflaw/CVE-2023-23397

22 mar. 2023, 16:36 · · · ·

Inscrivez-vous pour prendre part à la conversation