## https://sploitus.com/exploit?id=11042BCC-1F42-5B57-B4AE-C5167CE829D6
# CVE-2022-26809-RCE-POC
writeup and poc for cve-2022-26809
CVE-2022-26809 Vulnerabillity in cre windows componen(RPC) with a high cvss score of 9.8
# details:
the vulnerability is in this function
* OFS_CASSOCIATION::ProcessBindArckOrNak()
* ps: yes its a client-side function that parsing the bind_ack response
when calling the the EfsRpcDecyptFileSrv() efs rpc function of the vulnerable server it
starts a bind request to ... more details in the writeup > https://satoshidisk.com/pay/CFNsN8 here you can found the writeup and poc written in python.
only 2 limited copies are left
# affected products:
- Windows 10 Pro Build 10.0.10240 x64
- Windows 10 Pro Build 10.0.19042 x64
- Windows 10 Pro Build 10.0.19044 x64
- Windows Server 2019 x64
- Windows Server 2022 x64
- Windows 7 SP3 x64
- and more...
# ports:
- smb 445
[](https://hits.seeyoufarm.com)