Exploit for Vulnerability in Microsoft CVE-2022-26809

Name: Exploit for Vulnerability in Microsoft CVE-2022-26809
Rating: 5 (286 reviews)

2022-06-08 | CVSS 10.0

## https://sploitus.com/exploit?id=11042BCC-1F42-5B57-B4AE-C5167CE829D6
# CVE-2022-26809-RCE-POC
writeup and poc for cve-2022-26809


CVE-2022-26809 Vulnerabillity in cre windows componen(RPC) with a high cvss score of 9.8

# details:
the vulnerability is in this function
* OFS_CASSOCIATION::ProcessBindArckOrNak()
* ps: yes its a client-side function that parsing the bind_ack response
when calling the the EfsRpcDecyptFileSrv() efs rpc function of the vulnerable server it 
starts a bind request to ... more details in the writeup > https://satoshidisk.com/pay/CFNsN8  here you can found the writeup and poc written in python.
only 2 limited copies are left 


# affected products:
- Windows 10 Pro Build 10.0.10240 x64
- Windows 10 Pro Build 10.0.19042 x64
- Windows 10 Pro Build 10.0.19044 x64
- Windows Server 2019 x64
- Windows Server 2022 x64
- Windows 7 SP3 x64
- and more...
# ports:
- smb 445



[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2Fscoobydoobi%2FCVE-2022-26809-RCE-POC&count_bg=%2379C83D&title_bg=%23555555&icon=opsgenie.svg&icon_color=%23E7E7E7&title=smb&edge_flat=false)](https://hits.seeyoufarm.com)