A stack-based buffer overflow vulnerability. Attackers could send a crafted WS-Discovery message with an overly long "MIME-Version" string to execute arbitrary code with service-level privileges.
Port 5357 is a common sight during Windows penetration tests, often identified as or WSDAPI (Web Services for Devices API). While often overlooked, it serves as a critical discovery point for local network reconnaissance and legacy exploitation. Service Overview: WSDAPI port 5357 hacktricks
: If network discovery is not required, this service can be disabled by turning off "Network Discovery" in the Windows Sharing settings or blocking the port via Windows Defender Firewall . How to block TCP port 445 in Windows - ManageEngine A stack-based buffer overflow vulnerability