CVE-2007-3157

SafeNET High Assurance Remote and SoftRemote - Denial of Service via Invalid IPv6 IPSec Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-3157. PoCs published by mu-b.

AI-analyzed exploit summary This exploit triggers a kernel-level (Ring0) denial-of-service (DoS) in SafeNet HighAssurance Remote by sending a malformed IPv6 packet with a poisoned option header, causing an infinite loop in IPSecDrv.sys. It uses libnet to craft and send the packet.

Description

IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · cdoswindows

https://www.exploit-db.com/exploits/4047

View Code ZIP pw:eip

This exploit triggers a kernel-level (Ring0) denial-of-service (DoS) in SafeNet HighAssurance Remote by sending a malformed IPv6 packet with a poisoned option header, causing an infinite loop in IPSecDrv.sys. It uses libnet to craft and send the packet.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: SafeNet HighAssurance Remote 1.4.0 (Build 12)

No auth needed

Prerequisites: Network access to the target · Target must be running SafeNet HighAssurance Remote 1.4.0 · Target must be on the same local subnet unless IPv6 is used

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →