Lucene search
+L

10 matches found

Rapid7 Blog
Rapid7 Blog
added 2021/03/02 7:53 p.m.1024 views

Indiscriminate Exploitation of Microsoft Exchange Servers (CVE-2021-24085)

The following blog post was co-authored by Andrew Christian and Brendan Watters. Beginning Feb. 27, 2021, Rapid7’s Managed Detection and Response MDR team has observed a notable increase in the automated exploitation of vulnerable Microsoft Exchange servers to upload a webshell granting attackers...

1.6AI score0.99999EPSS
Exploits71
Circl
Circl
added 2021/02/26 2:38 a.m.25 views

CVE-2021-24085

creationtimestamp| type| source ---|---|--- 2021-02-26 02:38:35+00:00| seen| https://t.me/cibsecurity/24172 2021-06-23 13:27:52+00:00| exploited| https://t.me/bizonechannel/213 2024-11-14 06:08:11+00:00| seen| MISP/2380fc03-4823-4fdc-a6c3-7e74a783d8c4 2025-03-01 01:43:20+00:00|...

6.5CVSS7.6AI score0.04627EPSS
Exploits7References3
CVE
CVE
added 2021/02/25 11:1 p.m.374 views

CVE-2021-24085

Microsoft Exchange Server CVE-2021-24085 is a spoofing vulnerability described as a Cross-Site Request Forgery/elevation-of-privilege issue involving the msExchEcpCanary CSRF token. A PoC exploit and related tooling exist (e.g., a GitHub PoC titled 'Exploit for CVE-2021-24085'), demonstrating CSR...

6.5CVSS6.2AI score0.04627EPSS
Exploits7References1Affected Software1
0day.today
0day.today
added 2021/02/24 12:0 a.m.99 views

Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation Exploit

Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class. The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins. An attacker can leverage this vulnerability to escalate...

6.5CVSS6.2AI score0.04627EPSS
Exploits7
Packet Storm
Packet Storm
added 2021/02/24 12:0 a.m.832 views

Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation

!/usr/bin/env python3 """ Microsoft Exchange Server msExchEcpCanary Cross Site Request Forgery Elevation of Privilege Vulnerability CVE: CVE-2021-24085 Summary This vulnerability allows remote attackers escalate privileges on affected installations of Microsoft Exchange Server. Authentication and...

0.7AI score0.04627EPSS
Exploits7
Kaspersky
Kaspersky
added 2021/02/09 12:0 a.m.54 views

KLA12068 SUI vulnerabilities in Microsoft Exchange Server

A spoofing vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit this vulnerability to spoof user interface. Original advisories CVE-2021-24085 CVE-2021-1730 Exploitation Malware exists for this vulnerability. Usually such malware is classified as Exploit. More...

6.5CVSS6.3AI score0.04627EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2021/02/09 12:0 a.m.90 views

Security Updates for Microsoft Exchange Server (February 2021)

The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by a spoofing vulnerability: - A spoofing vulnerability exists. An attacker can exploit this to perform actions with the privileges of another user. CVE-2021-24085 %NASLMINLEVEL 7030...

6.5CVSS7.7AI score0.04627EPSS
Exploits7References2
Source Incite
Source Incite
added 2020/11/19 12:0 a.m.60 views

SRC-2021-0008 : NetMotion Mobility Server webrepdb StatusServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers execute arbitrary code on affected installations of NetMotion Mobility Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the StatusServlet class. The issue results from the lack o...

9.3CVSS6.9AI score0.41844EPSS
Exploits8
Source Incite
Source Incite
added 2020/11/19 12:0 a.m.63 views

SRC-2021-0006 : NetMotion Mobility Server RpcServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers execute arbitrary code on affected installations of NetMotion Mobility Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RpcServlet class. The issue results from the lack of...

9.3CVSS6.9AI score0.13276EPSS
Exploits8
Source Incite
Source Incite
added 2020/05/20 12:0 a.m.77 views

SRC-2021-0004 : Microsoft Exchange Server msExchEcpCanary Cross Site Request Forgery Elevation of Privilege Vulnerability

Vulnerability Details: This vulnerability allows remote attackers escalate privileges on affected installations of Microsoft Exchange Server. Authentication and user interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists with...

6.5CVSS6.1AI score0.04627EPSS
Exploits7
Rows per page
Query Builder