Print Spooler Remote DLL Injection

Discussion in 'News Aggregator' started by Packet Storm, 25 May 2022.

  1. Packet Storm

    Packet Storm Guest

    The print spooler service can be abused by an authenticated remote attacker to load a DLL through a crafted DCERPC request, resulting in remote code execution as NT AUTHORITY\SYSTEM. This module uses the MS-RPRN vector which requires the Print Spooler service to be running.

    Continue reading...
     

Share This Page

Loading...