Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

2D0AC1C7-F656-5D6B-9FC2-79525014BE1E

HistorySep 04, 2021 - 3:34 p.m.

Vulners
/
Githubexploit
/
Exploit for Unrestricted Upload of File with Dangerous Type in Microsoft

Exploit for Unrestricted Upload of File with Dangerous Type in Microsoft

2021-09-0415:34:03

253

unrestricted upload file

microsoft exchange

proxyshell

proof of concept

active directory

legacydn

sid

load-balanced

security updates

prior research

academic research

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.5

Confidence

High

EPSS

0.973

Percentile

99.9%

JSON

ProxyShell

Proof of Concept Exploit for Microsoft Exchange CVE…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

thn 13

rapid7blog 7

cisa 1

attackerkb 4

hivepro 8

pentestpartners 1

threatpost 11

malwarebytes 6

trellix 2

zdt 1

fireeye 1

metasploit 1

githubexploit 11

packetstorm 1

qualysblog 9

securelist 4

checkpoint_advisories 2

ics 6

mmpc 3

msrc 2

prion 3

zdi 3

nvd 3

cisa_kev 3

mscve 3

cvelist 3

cve 3

avleonov 2

nessus 2

mskb 2

kaspersky 2

krebs 1

impervablog 1

nuclei 1

mssecure 2

thn

New Incident Report Reveals How Hive Ransomware Targets Organizations

2022-04-21 10:00:00

MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks

2024-05-22 07:41:00

WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws

2021-08-22 09:51:00

rapid7blog

For Microsoft Exchange Server Vulnerabilities, Patching Remains Patchy

2021-10-06 14:07:12

ProxyShell: More Widespread Exploitation of Microsoft Exchange Servers

2021-08-12 21:08:43

Metasploit Wrap-Up

2021-08-20 19:12:00

cisa

Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities

2021-08-21 00:00:00

attackerkb

ProxyShell Exploit Chain

2023-12-28 00:00:00

CVE-2021-34523

2021-07-14 00:00:00

CVE-2021-31207

2021-05-11 00:00:00

hivepro

BlackByte ransomware exploits Microsoft Servers ProxyShell Vulnerabilities

2021-12-07 13:24:49

Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities

2022-03-25 04:05:09

Hive Ransomware targets organizations with ProxyShell exploit

2022-04-22 14:34:47

pentestpartners

Hive Ransomware is on the rise. How should you deal with it?

2022-11-18 06:44:42

threatpost

Microsoft Breaks Silence on Barrage of ProxyShell Attacks

2021-08-26 12:39:54

ProxyShell Attacks Pummel Unpatched Exchange Servers

2021-08-23 18:54:29

‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks

2021-11-03 18:16:37

malwarebytes

IIS extensions are on the rise as backdoors to servers

2022-07-27 13:58:06

Patch now! Microsoft Exchange is being attacked via ProxyShell

2021-08-23 13:21:08

AvosLocker ransomware uses Microsoft Exchange Server vulnerabilities, says FBI

2022-03-21 21:09:12

trellix

Trellix Global Defenders: Analysis and Protections for BlackByte Ransomware

2022-02-28 00:00:00

Trellix Global Defenders: Analysis and Protections for BlackByte Ransomware

2022-02-28 00:00:00

zdt

Microsoft Exchange ProxyShell Remote Code Execution Exploit

2021-08-21 00:00:00

fireeye

PST, Want a Shell? ProxyShell Exploiting Microsoft Exchange Servers

2021-09-03 10:00:00

metasploit

Microsoft Exchange ProxyShell RCE

2021-08-18 14:50:34

githubexploit

Exploit for Vulnerability in Microsoft

2021-10-02 07:29:24

Exploit for Server-Side Request Forgery in Microsoft

2022-06-29 12:37:31

Exploit for Vulnerability in Microsoft

2021-08-10 15:01:02

packetstorm

Microsoft Exchange ProxyShell Remote Code Execution

2021-08-20 00:00:00

qualysblog

AvosLocker Ransomware Behavior Examined on Windows & Linux

2022-03-07 05:18:46

In-Depth Look Into Data-Driven Science Behind Qualys TruRisk

2022-10-10 14:32:29

Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities

2023-08-24 19:07:05

securelist

Tropic Trooper spies on government entities in the Middle East

2024-09-05 08:00:12

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

2022-12-19 16:15:49

From Caribbean shores to your devices: analyzing Cuba ransomware

2023-09-11 10:00:26

checkpoint_advisories

Microsoft Exchange Server Remote Code Execution (CVE-2021-34473; CVE-2021-34523)

2021-07-14 00:00:00

Microsoft Exchange Server Security Feature Authentication Bypass (CVE-2021-31207)

2021-12-16 00:00:00

ics

#StopRansomware: Hive Ransomware

2022-11-25 12:00:00

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

2024-07-08 12:00:00

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

2022-09-14 12:00:00

mmpc

The five-day job: A BlackByte ransomware intrusion case study

2023-07-06 17:00:00

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability

2021-12-12 05:29:03

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

2022-05-09 13:00:00

msrc

April 2021 Update Tuesday packages now available

2021-04-13 07:00:00

April 2021 Update Tuesday packages now available

2021-04-13 07:00:00

prion

Security feature bypass

2021-05-11 19:15:00

Privilege escalation

2021-07-14 18:15:00

Remote code execution

2021-07-14 18:15:00

zdi

(Pwn2Own) Microsoft Exchange Server PowerShell Improper Authentication Remote Code Execution Vulnerability

2021-07-19 00:00:00

(Pwn2Own) Microsoft Exchange Server Autodiscover Server Side Request Forgery Authentication Bypass Vulnerability

2021-07-19 00:00:00

(Pwn2Own) Microsoft Exchange Server Arbitrary File Write Remote Code Execution Vulnerability

2021-07-19 00:00:00

nvd

CVE-2021-34473

2021-07-14 18:15:11

CVE-2021-34523

2021-07-14 18:15:12

CVE-2021-31207

2021-05-11 19:15:10

cisa_kev

Microsoft Exchange Server Privilege Escalation Vulnerability

2021-11-03 00:00:00

Microsoft Exchange Server Security Feature Bypass Vulnerability

2021-11-03 00:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-11-03 00:00:00

mscve

Microsoft Exchange Server Elevation of Privilege Vulnerability

2021-07-13 07:00:00

Microsoft Exchange Server Security Feature Bypass Vulnerability

2021-05-11 07:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-07-13 07:00:00

cvelist

CVE-2021-34523 Microsoft Exchange Server Elevation of Privilege Vulnerability

2021-07-14 17:54:38

CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability

2021-05-11 19:11:41

CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability

2021-07-14 17:54:03

cve

CVE-2021-34523

2021-07-14 18:15:12

CVE-2021-31207

2021-05-11 19:15:10

CVE-2021-34473

2021-07-14 18:15:11

avleonov

Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs

2021-08-31 23:16:51

Vulnerability Management news and publications #2

2022-08-14 11:30:44

nessus

Security Updates for Microsoft Exchange Server (April 2021)

2021-04-13 00:00:00

Security Updates for Exchange (May 2021)

2021-05-11 00:00:00

mskb

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: April 13, 2021 (KB5001779)

2021-07-13 07:00:00

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: May 11, 2021 (KB5003435)

2021-05-11 07:00:00

kaspersky

KLA12224 Multiple vulnerabilities in Microsoft Exchange Server

2021-07-13 00:00:00

KLA12169 Multiple vulnerabilities in Microsoft Exchange Server

2021-05-11 00:00:00

krebs

Microsoft Patch Tuesday, July 2021 Edition

2021-07-13 21:41:47

impervablog

Microsoft Exchange Server Vulnerabilities CVE-2022-41040 and CVE-2022-41082

2022-09-30 16:47:34

nuclei

Exchange Server - Remote Code Execution

2021-08-10 07:59:06

mssecure

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability

2021-12-12 05:29:03

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

2022-05-09 13:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.5

Confidence

High

EPSS

0.973

Percentile

99.9%

JSON

Related for 2D0AC1C7-F656-5D6B-9FC2-79525014BE1E