Exploitation Summary
EIP tracks 1 public exploit for CVE-2022-44666. PoCs published by j00sean.
AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2022-44666, which involves an HTML injection vulnerability in Microsoft Windows Contacts. The exploit leverages crafted .contact or VCF files and LDAP protocol handlers to achieve arbitrary command execution.
Description
Windows Contacts Remote Code Execution Vulnerability
Exploits (1)
nomisec
WORKING POC
155 stars
by j00sean · poc
https://github.com/j00sean/CVE-2022-44666
This repository contains a proof-of-concept exploit for CVE-2022-44666, which involves an HTML injection vulnerability in Microsoft Windows Contacts. The exploit leverages crafted .contact or VCF files and LDAP protocol handlers to achieve arbitrary command execution.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target:
Microsoft Windows Contacts (wab.exe), Windows 10/11
No auth needed
Prerequisites:
Victim must open a malicious .contact or VCF file or click an LDAP URI · LDAP server controlled by attacker for URI-based exploitation
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44666
Scores
CVSS v3
7.8
EPSS
0.4043
EPSS Percentile
98.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
Status
published
Products (19)
microsoft/windows_10
microsoft/windows_10
20h2
microsoft/windows_10
21h1
microsoft/windows_10
21h2
microsoft/windows_10
22h2
microsoft/windows_10
1607
microsoft/windows_10
1809
microsoft/windows_11
microsoft/windows_11
22h2
microsoft/windows_7
... and 9 more
Published
Dec 13, 2022
Tracked Since
Feb 18, 2026