Lucene search

E91E406E-5E34-5CDA-96B5-1A4A0FA4C41D

HistoryFeb 02, 2023 - 1:20 p.m.

Exploit for Server-Side Request Forgery in Microsoft

2023-02-0213:20:45

microsoft

exchange

cve-2021-26855

cve-2021-27065

rce

security

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.3

Confidence

Low

EPSS

0.975

Percentile

100.0%

JSON

Microsoft-Exchange-RCE

Micro…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

githubexploit

Exploit for Server-Side Request Forgery in Microsoft

2021-03-15 12:33:04

Exploit for Vulnerability in Microsoft

2021-03-24 01:12:48

Exploit for Vulnerability in Microsoft

2021-03-09 14:27:06

checkpoint_advisories

Microsoft Exchange Server Remote Code Execution (CVE-2021-26855; CVE-2021-27065)

2021-03-02 00:00:00

packetstorm

Microsoft Exchange ProxyLogon Remote Code Execution

2021-03-23 00:00:00

Microsoft Exchange ProxyLogon Scanner

2024-09-01 00:00:00

Microsoft Exchange ProxyLogon Collector

2021-05-21 00:00:00

zdt

Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit

2021-03-11 00:00:00

Microsoft Exchange ProxyLogon Remote Code Execution Exploit

2021-03-23 00:00:00

Microsoft Exchange 2019 - Unauthenticated Email Download Exploit

2021-05-21 00:00:00

mmpc

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

2021-03-25 21:21:07

HAFNIUM targeting Exchange Servers with 0-day exploits

2021-03-02 21:07:53

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

2021-03-18 22:00:47

mssecure

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

2021-03-25 21:21:07

HAFNIUM targeting Exchange Servers with 0-day exploits

2021-03-02 21:07:53

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

2021-03-18 22:00:47

attackerkb

CVE-2021-27065

2021-03-03 00:00:00

CVE-2021-26855

2021-03-03 00:00:00

Multiple Microsoft Exchange zero-day vulnerabilities - ProxyLogon Exploit Chain

2023-12-29 00:00:00

metasploit

Microsoft Exchange ProxyLogon Scanner

2021-03-07 13:37:20

Microsoft Exchange ProxyLogon RCE

2021-03-12 23:49:45

Microsoft Exchange ProxyLogon Collector

2021-03-09 19:52:01

exploitdb

Microsoft Exchange 2019 - Server-Side Request Forgery (Proxylogon) (PoC)

2021-03-11 00:00:00

Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)

2021-05-21 00:00:00

Microsoft Exchange 2019 - Server-Side Request Forgery

2021-03-14 00:00:00

mskb

Remove specific prevalent malware with Windows Malicious Software Removal Tool (KB890830)

2021-01-12 00:00:00

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 2, 2021 (KB5000871)

2021-03-02 08:00:00

threatpost

Attackers Target ProxyLogon Exploit to Install Cryptojacker

2021-04-15 12:19:13

CISA Orders Fed Agencies to Patch Exchange Servers

2021-03-04 17:08:36

Microsoft Exchange Servers Face APT Attack Tsunami

2021-03-11 18:01:16

ics

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

2022-10-05 12:00:00

Mitigate Microsoft Exchange Server Vulnerabilities

2021-07-19 12:00:00

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

2022-03-01 12:00:00

talosblog

Threat Advisory: HAFNIUM and Microsoft Exchange zero-day

2021-03-08 10:18:43

What Talos Incident Response learned from a recent Qakbot attack hijacking old email threads

2022-07-27 12:00:00

akamaiblog

How Akamai Can Help You Fight the Latest Exploitation Attempts Against Microsoft Exchange

2021-03-15 22:30:00

Microsoft Exchange and Verkada Hacks: Isolate Your Apps and APIs from the Internet Cesspool

2021-03-15 22:15:00

Authentication: Lessons Learned from Microsoft Exchange and F5 BIG-IP Hacks

2021-03-24 14:00:00

securelist

Zero-day vulnerabilities in Microsoft Exchange Server

2021-03-04 17:20:57

A deep dive into the most interesting incident response cases of last year

2024-09-03 11:00:24

Tomiris called, they want their Turla malware back

2023-04-24 08:00:22

msrc

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 07:00:00

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 18:44:28

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 07:00:00

thn

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange

2021-03-03 07:28:00

Microsoft Exchange Cyber Attack — What Do We Know So Far?

2021-03-08 10:15:00

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021

2024-06-20 10:22:00

cisa

Microsoft Releases Out-of-Band Security Updates for Exchange Server

2021-03-02 00:00:00

hivepro

Have you patched the vulnerabilities in Microsoft Exchange Server?

2021-08-18 11:01:05

BackdoorDiplomacy targets the telecom industry in the Middle East

2022-12-08 07:20:51

AvosLocker Ransomware group has targeted 50+ Organizations Worldwide

2022-03-24 06:30:44

krebs

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

2021-03-02 21:19:17

fireeye

Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities

2021-03-04 00:00:00

impervablog

Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures

2021-03-26 15:06:38

malwarebytes

Patch now! Exchange servers attacked by Hafnium zero-days

2021-03-03 12:34:27

Microsoft Exchange attacks cause panic as criminals go shell collecting

2021-03-09 19:59:37

AvosLocker ransomware uses Microsoft Exchange Server vulnerabilities, says FBI

2022-03-21 21:09:12

carbonblack

TAU Threat Advisory: Microsoft Exchange Servers Targeted with Four Zero-day Exploits

2021-03-08 21:05:13

cve

CVE-2021-27065

2021-03-03 00:15:12

CVE-2021-26855

2021-03-03 00:15:12

saint

Microsoft Exchange Server ProxyLogon vulnerability

2021-03-19 00:00:00

Microsoft Exchange Server ProxyLogon vulnerability

2021-03-19 00:00:00

Microsoft Exchange Server ProxyLogon vulnerability

2021-03-19 00:00:00

cisa_kev

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-11-03 00:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-11-03 00:00:00

nessus

Microsoft Exchange Server Authentication Bypass

2021-03-08 00:00:00

Security Updates for Microsoft Exchange Server (March 2021)

2021-03-03 00:00:00

cvelist

CVE-2021-26855 Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 23:55:26

CVE-2021-27065 Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 23:55:28

hackerone

U.S. Dept Of Defense: CVE-2021-26855 on ████████ resulting in SSRF

2021-03-07 11:37:32

U.S. Dept Of Defense: SSRF due to CVE-2021-26855 on ████████

2021-03-07 11:31:33

nvd

CVE-2021-27065

2021-03-03 00:15:12

CVE-2021-26855

2021-03-03 00:15:12

prion

Remote code execution

2021-03-03 00:15:00

Remote code execution

2021-03-03 00:15:00

qualysblog

Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0

2022-06-22 21:23:51

Microsoft Exchange Server Zero-Days (ProxyLogon) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR

2021-03-03 22:12:19

The Rise of Ransomware

2021-10-05 12:50:00

rapid7blog

Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day

2021-03-03 00:41:04

Defending Against the Zero Day: Analyzing Attacker Behavior Post-Exploitation of Microsoft Exchange

2021-03-23 14:04:36

Metasploit Wrap-Up

2021-03-26 17:36:13

nuclei

Microsoft Exchange Server SSRF Vulnerability

2021-03-06 07:00:59

Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting

2021-11-12 18:25:15

Exchange Server - Remote Code Execution

2021-08-10 07:59:06

kaspersky

KLA12103 ACE vulnerabilities in Microsoft Exchange Server

2021-03-02 00:00:00

wallarmlab

Web vulnerabilities exploit weekly digest #1. March 8-15th 2021. VMware vCenter and Apache OFBiz RCE.

2021-03-16 18:22:00

Weekly exploit digest – March, 15-21 – VMware View Planner, Win32k ConsoleControl, Microsoft Windows Containers DP API

2021-03-21 13:09:00

avleonov

Vulnerability Management news and publications #2

2022-08-14 11:30:44

Joint Advisory AA22-279A and Vulristics

2022-10-21 20:10:13

Vulristics: Microsoft Patch Tuesdays Q1 2021

2021-03-26 02:47:52

mscve

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

googleprojectzero

The More You Know, The More You Know You Don’t Know

2022-04-19 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.3

Confidence

Low

EPSS

0.975

Percentile

100.0%

JSON

Exploit for Server-Side Request Forgery in Microsoft

Microsoft-Exchange-RCE

Related