Common Vulnerabilities and Exposures

Share This Post

CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability

Description:

The exploit works by spraying an IIS server via several large GET HTTP requests and finishes with a malformed HTTP request.

Mitigation:

Windows Server 2019 and Windows 10 version 1809 are not vulnerable by default. Unless you have enabled the HTTP Trailer Support via EnableTrailerSupport registry value, the systems are not vulnerable.

This mitigation only applies to Windows Server 2019 and Windows 10, version 1809 and does not apply to Windows 10, version 20H2 and newer.

More To Explore
cyber-security

Excite Cyber Whitepaper – Data Loss Prevention (DLP) as an Enabler for Secure AI Adoption

AI has moved from experiment to operating model, but its real value—and risk—comes down to your data. With 75% of knowledge workers already using AI tools, often without IT oversight, shadow AI is driving a costly wave of breaches that organisations can’t afford to ignore. This whitepaper cuts through the anxiety to show how Microsoft Purview gives you the discovery, classification, and policy controls to make AI safe and productive, turning data security from a blocker into an AI enabler.

19 May 2026
cyber-security

Excite Cyber Threat Intelligence Report – Q1 2026

Q1 2026 has been defined by speed. Storm-1175, a financially motivated affiliate of the Medusa ransomware-as-a-service operation, has emerged as the quarter’s most aggressive threat to Australian businesses, weaponising newly disclosed vulnerabilities in internet-facing systems and moving from initial breach to full ransomware deployment in as little as 24 hours.

29 April 2026