Remote Code Execution and DoS in HTTP.sys (IIS)

Severity: Critical
Summary#

Invicti identified a Remote Code Execution and DoS in HTTP.sys (IIS) (CVE-2015-1635) in the target web server.

The vulnerability allows attackers to execute arbitrary commands on the target system.

Impact#

An attacker can execute arbitrary commands on the system.

Remediation#
Upgrade your system by following these instructions.
Invicti

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo