CVE-2020-0609

BlueGate

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability’.

Installation

git clone https://github.com/ollypwn/BlueGate.git

Usage

BlueGate.py [-h] -M {check,dos} [-P PORT] host

Flags

positional arguments:
  host                  IP address of host

optional arguments:
  -h, --help            show this help message and exit
  -M {check,dos}, --mode {check,dos}
                        Mode
  -P PORT, --port PORT  UDP port of RDG, default: 3391

Examples

$ python3 BlueGate.py -M check 10.10.10.10
[*] Checking if 10.10.10.10 is vulnerable...
[+] Host is vulnerable

URL List

GitHub.com
Nvd.nist.gov