Lucene search
K

7 matches found

Check Point Advisories
Check Point Advisories
added 2022/11/06 12:0 a.m.23 views

Microsoft Exchange Server Remote Code Execution (CVE-2022-23277)

A remote code execution vulnerability exists in Microsoft Exchange Server. The vulnerability is due to improper handling of EWS requests containing malicious UserConfiguration objects...

6.5CVSS2.5AI score0.40789EPSS
Exploits3
0day.today
0day.today
added 2022/08/22 12:0 a.m.675 views

Microsoft Exchange Server ChainedSerializationBinder Remote Code Execution Exploit

This Metasploit module exploits vulnerabilities within the ChainedSerializationBinder as used in Exchange Server 2019 CU10, Exchange Server 2019 CU11, Exchange Server 2016 CU21, and Exchange Server 2016 CU22 all prior to Mar22SU. Note that authentication is required to exploit these...

8.8CVSS8.2AI score0.90388EPSS
Exploits9
Packet Storm
Packet Storm
added 2022/08/22 12:0 a.m.683 views

Microsoft Exchange Server ChainedSerializationBinder Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nokogiri' class MetasploitModule 'Microsoft Exchange Server ChainedSerializationBinder RCE', 'Description' = %q This module exploits vulnerabilities within the...

8.8CVSS0.90388EPSS
Exploits9
CVE
CVE
added 2022/03/09 5:6 p.m.366 views

CVE-2022-23277

CVE-2022-23277 is a Microsoft Exchange Server remote code execution vulnerability. The connected sources indicate an RCE risk in Exchange Server reachable over the network that requires the attacker to authenticate and use a network call to execute arbitrary code on the server. Affected products ...

8.8CVSS8.8AI score0.40789EPSS
Exploits3References1Affected Software1
The Hacker News
The Hacker News
added 2022/03/09 5:44 a.m.118 views

Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms

Microsoft's Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others. Of the total 71 patches, three are rated Critical and 68 are rated Important in severity...

8.8CVSS1.2AI score0.40789EPSS
Exploits3
Rapid7 Blog
Rapid7 Blog
added 2022/03/08 9:8 p.m.154 views

Patch Tuesday - March 2022

Microsoft's March 2022 updates include fixes for 92 CVEs including 21 from the Chromium project, which is used by their Edge web browser. None of them have been seen exploited in the wild, but three have been previously disclosed. CVE-2022-24512, affecting .NET and Visual Studio, and...

9CVSS1.4AI score0.56376EPSS
Exploits5
Kaspersky
Kaspersky
added 2022/03/08 12:0 a.m.89 views

KLA12478 Multiple vulnerabilities in Microsoft Exchange Server

Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Exchange Server can be exploited remotely to...

8.8CVSS8.6AI score0.40789EPSS
Exploits3References6
Rows per page
Query Builder