Problem:
Choose a security vulnerability. Develop a test environment to demonstrate the chosen vulnerability.
Main activities:
- Choose a significant and highly relevant CVE (vulnerability); we prefer a CVE from 2016 or 2017. Include details such as its impact.
- Briefly explain and document the source of the chosen vulnerability and its causes in roughly one page (a direct copy of the CVE report is not allowed).
- Identify a system or systems where this vulnerability currently exists.
- Build a test environment that is vulnerable to the chosen issue. The test environment should be saved as a VirtualBox VM image. Credential for the test environment must be
What the report looks like:
- Explanation and documentation of vulnerability (activity no.2)
- Existence of the vulnerability in production systems (activity no.3)
- Development of the test environment (short explanation, include step-by-step screenshots)
- Demonstrate how the chosen vulnerability can be exploited in the test environment (use Kali for the demonstration; screenshots are required)
- Mitigation and prevention strategies for the exploit (proper mitigations other than patching)
Please note the following:
- Instead of using Metasploit to exploit the vulnerability, we prefer that you develop exploit code.
- It is not preferable to present overly simple exploits such as (but not limited to) default credentials or basic SQL injection.