CVE-2016-10079

HIGH

SAPlpd < 7400.3.11.33 - Denial of Service via Long String to TCP Port 515

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-10079. PoCs published by Peter Baris.

AI-analyzed exploit summary This exploit triggers a Denial of Service (DoS) in SAPlpd 7.40 by sending a malformed packet with opcodes 03h and 04h, followed by 800 'A' characters. The vulnerability arises from improper handling of bad characters (00h and 0ah) in the protocol.

Description

SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515.

Exploits (1)

exploitdb WORKING POC

by Peter Baris · pythondoswindows

https://www.exploit-db.com/exploits/41030

View Code ZIP pw:eip

This exploit triggers a Denial of Service (DoS) in SAPlpd 7.40 by sending a malformed packet with opcodes 03h and 04h, followed by 800 'A' characters. The vulnerability arises from improper handling of bad characters (00h and 0ah) in the protocol.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: SAPlpd 7.40 (part of SAPGui 7.40)

No auth needed

Prerequisites: Network access to the target SAPlpd service on port 515

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/41030/

Scores

CVSS v3 7.5

EPSS 0.0650

EPSS Percentile 92.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-20

Status published

Products (1)

sap/saplpd < 7400.3.11.33

Published Feb 01, 2017

Tracked Since Feb 18, 2026