Lucene search
+L

31 matches found

The Hacker News
The Hacker News
added 2022/12/21 7:41 a.m.413 views

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution RCE through Outlook Web Access OWA. "The new exploit method bypasses...

9.8CVSS1.8AI score0.9997EPSS
Exploits16
Metasploit
Metasploit
added 2022/11/30 7:51 p.m.619 views

Microsoft Exchange ProxyNotShell RCE

This module chains two vulnerabilities on Microsoft Exchange Server that, when combined, allow an authenticated attacker to interact with the Exchange Powershell backend CVE-2022-41040, where a deserialization flaw can be leveraged to obtain code execution CVE-2022-41082. This exploit only suppor...

8.8CVSS7.2AI score0.9997EPSS
Exploits16
Packet Storm
Packet Storm
added 2022/11/30 12:0 a.m.969 views

Microsoft Exchange ProxyNotShell Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Exchange ProxyNotShell RCE', 'Description' = %q This module chains two vulnerabilities on Microsoft Exchange Server that, when combined...

8.8CVSS0.6AI score0.9997EPSS
Exploits16
Trellix
Trellix
added 2022/11/02 12:0 a.m.90 views

The Bug Report October 2022 Edition

The Bug Report — October 2022 Edition By Trellix · November 2, 2022 This story was written by Richard Johnson. Do ROP exploits count as jmp scares? Why am I here? Welcome back to the Bug Report: Spooky Edition, and we’ve got bugs crawling out of the walls! Of all the months we do this, we’ve foun...

0.3AI score0.9997EPSS
Exploits58
GithubExploit
GithubExploit
added 2022/10/20 3:11 a.m.471 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2022-41040-metasploit-ProxyNotShell the metasploit script...

8.8CVSS8.9AI score0.99945EPSS
Exploits9
Wordfence Blog
Wordfence Blog
added 2022/10/19 4:1 p.m.366 views

Two Weeks of Monitoring ProxyNotShell (CVE-2022-41040 & CVE-2022-41082) Threat Activity

The Wordfence Threat Intelligence team has been monitoring exploit attempts targeting two zero-day vulnerabilities in Microsoft Exchange Server tracked as CVE-2022-41040 and CVE-2022-41082, collectively known as ProxyNotShell. These vulnerabilities are actively being exploited in the wild. At the...

8.6AI score0.9997EPSS
Exploits16
GithubExploit
GithubExploit
added 2022/10/14 5:1 p.m.836 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2022-41040 Microsoft Exchange vulnerable to server-side...

8.8CVSS9AI score0.99945EPSS
Exploits9
Rapid7 Blog
Rapid7 Blog
added 2022/10/11 6:35 p.m.232 views

Patch Tuesday - October 2022

The October batch of CVEs published by Microsoft includes 96 vulnerabilities, including 12 fixed earlier this month that affect the Chromium project used by their Edge browser. Top of mind for many this month is whether Microsoft would patch the two Exchange Server zero-day vulnerabilities...

1.6AI score0.9997EPSS
Exploits24
GithubExploit
GithubExploit
added 2022/10/09 3:27 p.m.251 views

Exploit for Server-Side Request Forgery in Microsoft

CVE-2022-41040-POC CVE-2022-41040 - Server Side Request Forger...

8.8CVSS9.1AI score0.99945EPSS
Exploits9
The Hacker News
The Hacker News
added 2022/10/08 5:13 a.m.240 views

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server. To that end, the tech giant has revised the blocking rule in IIS Manager from...

8.8CVSS0.4AI score0.9997EPSS
Exploits16
Tenable Nessus
Tenable Nessus
added 2022/10/05 12:0 a.m.287 views

Microsoft Exchange Server October 2022 Zero-day Vulnerabilities (ProxyNotShell)

The Microsoft Exchange Server installed on the remote host is potentially affected by multiple zero-day vulnerabilities, dubbed ProxyNotShell: - An unspecified authenticated server-side request forgery SSRF vulnerability. CVE-2022-41040 - An unspecified authenticated remote code execution RCE...

8.8CVSS9.1AI score0.9997EPSS
Exploits16References5
Akamai Blog
Akamai Blog
added 2022/10/03 9:0 a.m.218 views

Akamai’s Response to Zero-Day Vulnerabilities in Microsoft Exchange Server (CVE-2022-41040 and CVE-2022-41082)

Akamai Security Research has released web application firewall protections for Microsoft Exchange CVE-2022-41040 and CVE-2022-41082...

8.8CVSS8.8AI score0.9997EPSS
Exploits16
Positive Technologies
Positive Technologies
added 2022/10/03 12:0 a.m.9 views

PT-2022-14862 · Undefined · Undefined

ParsedReport 01-10-2022 Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082 Threats: Chinachopper Backdoor:win32/rewritehttp...

8.8CVSS9.3AI score0.9997EPSS
Exploits16References2
Vulnrichment
Vulnrichment
added 2022/10/03 12:0 a.m.13 views

CVE-2022-41040 Microsoft Exchange Server Elevation of Privilege Vulnerability

...

8.8CVSS7.2AI score0.99945EPSS
Exploits9References1
Tenable Nessus
Tenable Nessus
added 2022/10/03 12:0 a.m.478 views

Potential exposure to Microsoft Exchange CVE-2022-41040 / CVE-2022-41082 Exploit

Binary data exchangecve-2022-41040ioc.nbin...

8.8CVSS9AI score0.9997EPSS
Exploits16References4
Cvelist
Cvelist
added 2022/10/03 12:0 a.m.39 views

CVE-2022-41040 Microsoft Exchange Server Elevation of Privilege Vulnerability

...

8.8CVSS8.8AI score0.99945EPSS
Exploits9References1
CVE
CVE
added 2022/10/03 12:0 a.m.1618 views

CVE-2022-41040

CVE-2022-41040 is an Exchange Server SSRF vulnerability used to escalate privileges, often paired with CVE-2022-41082 for remote code execution (RCE). The vulnerability chain affects on‑premise Exchange Server deployments via the Autodiscover service, enabling an authenticated attacker to trigger...

8.8CVSS8.5AI score0.99945EPSS
In wildExploits9References6Affected Software1
CERT
CERT
added 2022/10/03 12:0 a.m.734 views

Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

Overview Microsoft Exchange Server 2019, Exchange Server 2016 and Exchange Server 2013 are vulnerable to a server-side request forgery SSRF attack and remote code execution. An authenticated attacker can use the combination of these two vulnerabilities to elevate privileges and execute arbitrary...

8.8CVSS9.4AI score0.9997EPSS
Exploits16References6
ATTACKERKB
ATTACKERKB
added 2022/10/03 12:0 a.m.217 views

CVE-2022-41040

Microsoft Exchange Server Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

8.8CVSS8.9AI score0.99945EPSS
In wildExploits9References6
Hacker One
Hacker One
added 2022/10/02 8:47 a.m.88 views

Acronis: mail.acronis.com is vulnerable to zero day vulnerability CVE-2022-41040

Hello Acronis team, Please run curl -ksL -m5 -o /dev/null -I -w "%httpcode" "https://mail.acronis.com/autodiscover/autodiscover.json?Email=autodiscover/[email protected]&Protocol=ActiveSync" curl -ksL -m5...

6.5CVSS1.6AI score0.99945EPSS
Exploits9
Rows per page
Query Builder