Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1535

Severity
7.5 HIGH
EPSS
91.8%
top 0.31%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published: Jun 10
Latest update: May 2

Description

The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting %c0%af into a "/protected/" initial pathname component to bypass the password protection on the protected\ folder, aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability," a different vulner

CVSS vector

AV:N/AC:L/C:P/I:P/A:P
Exploitability: 10.0 | Impact: 6.4

Affected Packages: 1 package

Patches

🔴 Vulnerability Details

2
GHSA
GHSA-f2c7-qmx6-wq66: The WebDAV extension in Microsoft Internet Information Services (IIS) 5 | 2022-05-02
CVEList
CVE-2009-1535: The WebDAV extension in Microsoft Internet Information Services (IIS) 5 | 2009-06-10

💥 Exploits & PoCs

2
Exploit-DB
Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (2) | 2009-05-26
Exploit-DB
Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (1) | 2009-05-15
CVE-2009-1535 (HIGH CVSS 7.5) | The WebDAV extension in Microsoft I | cvebase.io