Lucene search
K

87 matches found

githubexploit
githubexploit
added 2021/03/12 12:47 p.m.114 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855-Scanner Scanner and PoC for CVE-2021-26855 Cr...

9.8CVSS8.9AI score0.99999EPSS
Exploits63
githubexploit
githubexploit
added 2021/03/11 8:51 p.m.218 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855 PoC of proxylogon chain SSRFCVE-2021-26855 to...

9.8CVSS8.9AI score0.99999EPSS
Exploits63
githubexploit
githubexploit
added 2021/03/11 7:35 p.m.103 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855 CVE-2021-26855, also known as Proxylogon, is a...

9.8CVSS9.6AI score0.99999EPSS
Exploits65
zdt
zdt
added 2021/03/11 12:0 a.m.228 views

Microsoft Exchange 2019 - SSRF to Arbitrary File Write (Proxylogon) Exploit

Exploit Title: Microsoft Exchange 2019 - SSRF to Arbitrary File Write Proxylogon Date: 2021-03-10 Exploit Author: testanull Vendor Homepage: https://www.microsoft.com Version: MS Exchange Server 2013, 2016, 2019 CVE: 2021-26855, 2021-27065 import requests from urllib3.exceptions import...

9.8CVSS0.5AI score0.99999EPSS
Exploits65
exploitdb
exploitdb
added 2021/03/11 12:0 a.m.4444 views

Microsoft Exchange 2019 - Server-Side Request Forgery (Proxylogon) (PoC)

Exploit Title: Microsoft Exchange 2019 - SSRF to Arbitrary File Write Proxylogon Date: 2021-03-10 Exploit Author: testanull Vendor Homepage: https://www.microsoft.com Version: MS Exchange Server 2013, 2016, 2019 CVE: 2021-26855, 2021-27065 import requests from urllib3.exceptions import...

7.4AI score
Exploits0
githubexploit
githubexploit
added 2021/03/10 5:21 a.m.115 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855PoC My early SSRF payloads CVE-2021-26855 ove...

9.8CVSS9.7AI score0.99999EPSS
Exploits63
githubexploit
githubexploit
added 2021/03/09 4:54 p.m.221 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855-PoC PoC exploit code for CVE-2021-26855. Orig...

9.8CVSS9.6AI score0.99999EPSS
Exploits72
githubexploit
githubexploit
added 2021/03/09 2:27 p.m.245 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855-PoC PoC exploit code for CVE-2021-26855. Orig...

9.8CVSS9.6AI score0.99999EPSS
Exploits65
talosblog
talosblog
added 2021/03/08 10:18 a.m.506 views

Threat Advisory: HAFNIUM and Microsoft Exchange zero-day

Microsoft released patches for four vulnerabilities in Exchange Server on March 2, disclosing that these vulnerabilities were being exploited by a previously unknown threat actor, referred to as HAFNIUM. The vulnerabilities in question — CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and...

7.5CVSS1.2AI score0.99999EPSS
Exploits66
githubexploit
githubexploit
added 2021/03/08 7:28 a.m.275 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855SSRF CVE-2021-26855 Exchange...

9.8CVSS9.5AI score0.99999EPSS
Exploits64
nessus
nessus
added 2021/03/08 12:0 a.m.358 views

Microsoft Exchange Server Authentication Bypass

Binary data exchangecve-2021-26855.nbin...

9.8CVSS10AI score0.99999EPSS
Exploits63References6
hackerone
hackerone
added 2021/03/07 11:37 a.m.742 views

U.S. Dept Of Defense: CVE-2021-26855 on ████████ resulting in SSRF

Description: CVE-2021-26855 exists on ███████ resulting in SSRF References https://vulners.com/cve/CVE-2021-26855 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855 Impact Server Side Request Frogery System Hosts ███████ Affected Products and Versions CVE Numbers...

7.5CVSS0.7AI score0.99999EPSS
Exploits63
hackerone
hackerone
added 2021/03/07 11:31 a.m.1638 views

U.S. Dept Of Defense: SSRF due to CVE-2021-26855 on ████████

Description: There exists a Server Side Request Frogery SSRF on █████████ due to CVE-2021-26855 References https://vulners.com/cve/CVE-2021-26855 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855 Impact Server Side Request Frogery System Hosts ██████ Affected...

7.5CVSS0.5AI score0.99999EPSS
Exploits63
githubexploit
githubexploit
added 2021/03/07 12:55 a.m.5 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855-SSRF-Exchange CVE-2021-26855 SSRF Exchange Serv...

9.8CVSS9.7AI score0.99999EPSS
Exploits63
githubexploit
githubexploit
added 2021/03/07 12:55 a.m.167 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855-SSRF-Exchange CVE-2021-26855 SSRF Exchange Serv...

9.8CVSS9.5AI score0.99999EPSS
Exploits63
githubexploit
githubexploit
added 2021/03/06 7:3 p.m.157 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2021-26855-SSRF-Poc This script helps to identify CVE-202...

9.8CVSS8.8AI score0.99999EPSS
Exploits63
githubexploit
githubexploit
added 2021/03/06 9:15 a.m.100 views

Exploit for Server-Side Request Forgery in Microsoft

MicrosoftExchangeServerSSRFCVE-2021-26855 zoomeye dork:...

9.8CVSS7.3AI score0.99999EPSS
Exploits63
fireeye
fireeye
added 2021/03/04 12:0 a.m.597 views

Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities

Beginning in January 2021, Mandiant Managed Defense observed multiple instances of abuse of Microsoft Exchange Server within at least one client environment. The observed activity included creation of web shells for persistent access, remote code execution, and reconnaissance for endpoint securit...

7.5CVSS9.8AI score0.99999EPSS
Exploits66References10
qualysblog
qualysblog
added 2021/03/03 10:12 p.m.1797 views

Microsoft Exchange Server Zero-Days (ProxyLogon) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR

Update March 10, 2021: A new section describes how to respond with mitigation controls if patches cannot be applied, as recommended by Microsoft. This section details the Qualys Policy Compliance control ids for each vulnerability. Update March 8, 2021: Qualys has released an additional QID: 5010...

7.5CVSS0.1AI score0.99999EPSS
Exploits69
threatpost
threatpost
added 2021/03/03 3:30 p.m.572 views

Microsoft Exchange 0-Day Attackers Spy on U.S. Targets

Microsoft has spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange Server. Adversaries have been able to access email accounts, steal a raft of data and drop malware on target machines for long-term remote access, according to the computin...

10AI score0.99999EPSS
Exploits66References8
Rows per page
Query Builder