← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-31166 — Actively Exploited: HTTP Protocol Stack (Microsoft)

Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.

CVE IDCVE-2021-31166
VendorMicrosoft
ProductHTTP Protocol Stack
Vulnerability nameMicrosoft HTTP Protocol Stack Remote Code Execution Vulnerability
Date added2022-04-06
Remediation due2022-04-27
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionMicrosoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →