Home / os / win10

Microsoft OMI Management Interface Authentication Bypass

Posted on 28 October 2021

By removing the authentication header, an attacker can issue an HTTP request to the OMI management endpoint that will cause it to execute an operating system command as the root user. This vulnerability was patched in OMI version 1.6.8-1 (released September 8th 2021).

 

TOP

Malware :

Exploits :