Subscribe via feed.

Microsoft .diagcab Directory Traversal / Code Execution

Posted by deepcore on January 19, 2020 – 1:18 am

A flaw in the implementation of Microsoft’s Troubleshooter technology could lead to remote code execution if a crafted .diagcab file is opened by the victim. The exploit leverages a rogue webdav server to trick MSDT to drop files to attacker controller locations on the file system.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.


« »