### [CVE-2018-0886](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0886)
![](https://img.shields.io/static/v1?label=Product&message=Windows&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)

### Description

The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability".

### POC

#### Reference
- https://github.com/preempt/credssp
- https://www.exploit-db.com/exploits/44453/

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Ascotbe/Kernelhub
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/Cruxer8Mech/Idk
- https://github.com/DigitalRuby/IPBan
- https://github.com/Flerov/WindowsExploitDev
- https://github.com/GhostTroops/TOP
- https://github.com/ShivaniThadiyan/Azure-Security-privacy-helpdoc
- https://github.com/cranelab/exploit-development
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/TOP
- https://github.com/jborean93/requests-credssp
- https://github.com/lnick2023/nicenice
- https://github.com/paulveillard/cybersecurity-exploit-development
- https://github.com/preempt/credssp
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/wachira90/fix-credssp
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/ycdxsb/WindowsPrivilegeEscalation