10 matches found
Indiscriminate Exploitation of Microsoft Exchange Servers (CVE-2021-24085)
The following blog post was co-authored by Andrew Christian and Brendan Watters. Beginning Feb. 27, 2021, Rapid7’s Managed Detection and Response MDR team has observed a notable increase in the automated exploitation of vulnerable Microsoft Exchange servers to upload a webshell granting attackers...
CVE-2021-24085
creationtimestamp| type| source ---|---|--- 2021-02-26 02:38:35+00:00| seen| https://t.me/cibsecurity/24172 2021-06-23 13:27:52+00:00| exploited| https://t.me/bizonechannel/213 2024-11-14 06:08:11+00:00| seen| MISP/2380fc03-4823-4fdc-a6c3-7e74a783d8c4 2025-03-01 01:43:20+00:00|...
CVE-2021-24085
Microsoft Exchange Server CVE-2021-24085 is a spoofing vulnerability described as a Cross-Site Request Forgery/elevation-of-privilege issue involving the msExchEcpCanary CSRF token. A PoC exploit and related tooling exist (e.g., a GitHub PoC titled 'Exploit for CVE-2021-24085'), demonstrating CSR...
Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation Exploit
Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class. The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins. An attacker can leverage this vulnerability to escalate...
Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation
!/usr/bin/env python3 """ Microsoft Exchange Server msExchEcpCanary Cross Site Request Forgery Elevation of Privilege Vulnerability CVE: CVE-2021-24085 Summary This vulnerability allows remote attackers escalate privileges on affected installations of Microsoft Exchange Server. Authentication and...
KLA12068 SUI vulnerabilities in Microsoft Exchange Server
A spoofing vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2021-24085 CVE-2021-1730 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More...
Security Updates for Microsoft Exchange Server (February 2021)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by a spoofing vulnerability: - A spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2021-24085 %NASLMINLEVEL 7030...
SRC-2021-0008 : NetMotion Mobility Server webrepdb StatusServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers execute arbitrary code on affected installations of NetMotion Mobility Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the StatusServlet class. The issue results from the lack o...
SRC-2021-0006 : NetMotion Mobility Server RpcServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers execute arbitrary code on affected installations of NetMotion Mobility Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RpcServlet class. The issue results from the lack of...
SRC-2021-0004 : Microsoft Exchange Server msExchEcpCanary Cross Site Request Forgery Elevation of Privilege Vulnerability
Vulnerability Details: This vulnerability allows remote attackers escalate privileges on affected installations of Microsoft Exchange Server. Authentication and user interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists with...