CVE-2010-4669

Microsoft Windows IPv6 Stack - Denial of Service via Neighbor Discovery Router Advertisement Flood

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4669. PoCs published by wrong-commit.

AI-analyzed exploit summary This repository contains a functional Python2-based exploit for CVE-2010-4669, which targets a vulnerability in IPv6 router advertisement handling. The exploit floods the network with crafted ICMPv6 router advertisement packets, potentially causing denial-of-service conditions.

Description

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package.

Exploits (1)

nomisec WORKING POC
by wrong-commit · poc
https://github.com/wrong-commit/CVE-2010-4669

This repository contains a functional Python2-based exploit for CVE-2010-4669, which targets a vulnerability in IPv6 router advertisement handling. The exploit floods the network with crafted ICMPv6 router advertisement packets, potentially causing denial-of-service conditions.

Classification
Working Poc 95%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: IPv6 implementations (various vendors)
No auth needed
Prerequisites: Python2 · Scapy · Root privileges · Network interface access
mistral-large-3 · analyzed Feb 19, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45760
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64583

Scores

EPSS 0.2911
EPSS Percentile 97.9%

Details

CWE
CWE-399
Status published
Products (5)
microsoft/windows_2003_server
microsoft/windows_7
microsoft/windows_server_2008
microsoft/windows_vista
microsoft/windows_xp
Published Jan 07, 2011
Tracked Since Feb 18, 2026