Microsoft Windows RD Gateway Remote Code Execution Vulnerability
漏洞信息
漏洞名称: Microsoft Windows RD Gateway Remote Code Execution Vulnerability
漏洞编号:
- CVE: CVE-2020-0610
漏洞类型: 命令执行
漏洞等级: 严重
漏洞描述: ### 受影响产品
Microsoft Windows远程桌面网关(RD Gateway)是微软提供的一种服务,允许用户通过互联网安全地连接到内部企业网络资源。它广泛用于企业环境中,支持远程工作场景,是许多组织IT基础设施的关键组成部分。
漏洞说明
此漏洞属于命令执行类型,源于RD Gateway处理特制请求时的缺陷。未经身份验证的攻击者可以通过RDP发送精心构造的请求,触发远程代码执行。技术根源在于输入验证不足,导致攻击者能够利用此漏洞在目标系统上执行任意代码。
影响分析
此漏洞的安全风险极高,被评为“严重”级别。攻击者利用此漏洞可以在未授权的情况下远程执行代码,可能导致完全控制受影响的系统。这不仅会导致数据泄露、服务中断,还可能被用于横向移动攻击企业内部网络。由于攻击无需用户交互即可自动执行,因此增加了被大规模利用的风险。企业应立即应用微软提供的安全更新,以防范潜在的攻击。
产品厂商: Microsoft
产品名称: Microsoft Windows Remote Desktop Gateway (RD Gateway)
搜索语法: cpe:”cpe:2.3:o:microsoft:windows_server_2012”
来源: https://github.com/projectdiscovery/nuclei-templates/issues/12766
类型: projectdiscovery/nuclei-templates:github issues
来源概述
Description:
Microsoft Windows Remote Desktop Gateway (RD Gateway) contains a remote code execution caused by specially crafted requests from unauthenticated attackers via RDP, letting remote attackers execute arbitrary code, exploit requires RDP access and sending crafted requests.
Severity: Critical
POC:
- https://vulncheck.com/xdb/3a3f10478ff3
- https///gitlab.com:ind3p3nd3nt/BlueGate.git
KEV: True
Shodan Query: cpe:"cpe:2.3:o:microsoft:windows_server_2012"
Acceptance Criteria: The template must include a complete POC and should not rely solely on version-based detection. Contributors are required to provide debug data(
-debug) along with the template to help the triage team with validation or can also share a vulnerable environment like docker file.
Rewards will only be given once the template is fully validated by the team. Templates that are incomplete or invalid will not be accepted. Avoid adding code templates for CVEs that can be achieved using HTTP, TCP, or JavaScript. Such templates are blocked by default and won’t produce results, so we prioritize creating templates with other protocols unless exceptions are made.
You can check the FAQ for the Nuclei Templates Community Rewards Program here.