Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-11885 — Improper Input Validation in Corporation Microsoft Windows

CWE-20 — Improper Input Validation14 documents8 sources

Severity

6.6MEDIUMNVD

EPSS

64.7%

top 1.53%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Corporation Microsoft Windows Microsoft Windows 10 Microsoft Windows Server 2008 +16 more

Timeline

PublishedDec 12

Latest updateMay 14

Description

Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a remote code execution vulnerability due to the way the Routing and Remote Access service handles requests, aka "Windows RRAS Service Remote Code Execution Vulnerability".

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.7 | Impact: 5.9

Affected Packages17 packages

▶msrcmsrc/windows_server_version_1709

▶msrcmsrc/windows_server_2008

▶msrcmsrc/windows_server_2012

▶msrcmsrc/windows_server_2016

▶msrcmsrc/windows_server_2008_r2

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-9v5f-8fvr-6hf3: Windows 7 SP1, Windows 8↗2022-05-14

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution↗2018-05-13

▶

🔍Detection Rules

Suricata

ET NETBIOS Microsoft Windows RRAS SMB Remote Code Execution↗2018-07-11

▶

📋Vendor Advisories

Microsoft

Windows RRAS Service Remote Code Execution Vulnerability↗2017-12-12

▶