CVE-2025-49729: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

How could an attacker exploit this vulnerability?

An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server via the Routing and Remote Access Service (RRAS) Snap-in. This could result in the server returning malicious data that might cause arbitrary code execution on the user’s system.