Skip to main content

CVE-2024-21378

Description

Microsoft Outlook Remote Code Execution Vulnerability

Microsoft Corporation
Severity: HIGH
CVE ID: CVE-2024-21378
CVSS Score: 8.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

d0rb

This repository contains an exploit for targeting Microsoft Outlook through Exchange Online, leveraging a vulnerability to execute arbitrary code via COM DLLs. The exploit utilizes a modified version of Ruler to send a malicious form as an email, triggering the execution upon user interaction within the Outlook thick client.

Refrence: GitHub

Description
Proof Of Concept