CVE-2026-25172

HIGH

Windows Server 2012, 2016, 2019, 2022, 2025 - Authenticated RCE via Integer Overflow in RRAS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-25172. PoCs published by Dhananjayasj.

AI-analyzed exploit summary The repository contains a functional exploit PoC for CVE-2026-25172, targeting an integer overflow vulnerability in the Windows RRAS service. The Python script simulates a malicious RRAS server that sends a malformed payload to trigger a DoS or potential RCE on vulnerable Windows 11 systems.

Description

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Exploits (1)

github WORKING POC

by Dhananjayasj · pythonpoc

https://github.com/Dhananjayasj/RRAS-VULNERABILITY-CVE-2026-25172-CVE-2026-25173-CVE-2026--26111

View Code ZIP pw:eip

The repository contains a functional exploit PoC for CVE-2026-25172, targeting an integer overflow vulnerability in the Windows RRAS service. The Python script simulates a malicious RRAS server that sends a malformed payload to trigger a DoS or potential RCE on vulnerable Windows 11 systems.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Windows 11 RRAS (builds lower than 26100.7982 or 26200.7982)

No auth needed

Prerequisites: Unpatched Windows 11 system · Network connectivity to the malicious server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed May 30, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-25172

Scores

CVSS v3 8.0

EPSS 0.0090

EPSS Percentile 54.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-122 CWE-190

Status published

Products (29)

Microsoft/Windows 10 Version 1607 10.0.14393.0 - 10.0.14393.8957

Microsoft/Windows 10 Version 1809 10.0.17763.0 - 10.0.17763.8511

Microsoft/Windows 10 Version 21H2 10.0.19044.0 - 10.0.19044.7058

Microsoft/Windows 10 Version 22H2 10.0.19045.0 - 10.0.19045.7058

Microsoft/Windows 11 version 22H3 10.0.22631.0 - 10.0.22631.6783

Microsoft/Windows 11 Version 23H2 10.0.22631.0 - 10.0.22631.6783

Microsoft/Windows 11 Version 24H2 10.0.26100.0 - 10.0.26100.8037

Microsoft/Windows 11 Version 25H2 10.0.26200.0 - 10.0.26200.8037

Microsoft/Windows 11 version 26H1 10.0.28000.0 - 10.0.28000.1719

Microsoft/Windows 11 Version 26H1 10.0.28000.0 - 10.0.28000.1719

... and 19 more

Published Mar 10, 2026

Tracked Since Mar 11, 2026