Lucene search

4D11A641-A378-5AE3-8CCD-C45CFD453293

HistoryDec 22, 2022 - 9:35 a.m.

Exploit for Deserialization of Untrusted Data in Microsoft

2022-12-2209:35:26

240

deserialization exploit

microsoft exchange

post-auth rce

proxynotshell owassrf

privilege escalation

tabshell vulnerability

hotfix bypass

command execution

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.216 Low

EPSS

Percentile

96.5%

JSON

CVE-2022-41082-POC

PoC for the CVE-2022-41082 NotProxyShell OW…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

githubexploit

Exploit for CVE-2022-41082

2022-10-01 05:30:48

Exploit for Vulnerability in Microsoft

2022-10-04 17:32:17

Exploit for CVE-2022-41082

2022-09-30 17:51:47

cve

CVE-2022-41082

2022-10-03 01:15:08

zdi

Microsoft Exchange AppConfigAssemblyResolver Exposed Dangerous Function Information Disclosure Vulnerability

2022-11-22 00:00:00

Microsoft Exchange FileConfigurationSource Exposed Dangerous Function Information Disclosure Vulnerability

2022-11-22 00:00:00

Microsoft Exchange G711Reader Exposed Dangerous Function Information Disclosure Vulnerability

2022-11-22 00:00:00

cvelist

CVE-2022-41082 Microsoft Exchange Server Remote Code Execution Vulnerability

2022-10-03 00:00:00

prion

Remote code execution

2022-10-03 01:15:00

cnvd

Microsoft Exchange Server Remote Code Execution Vulnerability (CNVD-2022-67838)

2022-10-08 00:00:00

nvd

CVE-2022-41082

2022-10-03 01:15:08

mscve

Microsoft Exchange Server Remote Code Execution Vulnerability

2022-09-30 07:00:00

rapid7blog

Metasploit Weekly Wrap-Up

2022-12-02 21:00:13

CVE-2022-41040 and CVE-2022-41082: Unpatched Zero-Day Vulnerabilities in Microsoft Exchange Server

2022-09-29 20:50:50

CVE-2022-41080, CVE-2022-41082: Rapid7 Observed Exploitation of `OWASSRF` in Exchange for RCE

2022-12-21 17:35:17

qualysblog

Safeguard Your Organization this Holiday Season with Endpoint Security from Qualys

2023-10-26 13:04:00

Qualys Response to ProxyNotShell Microsoft Exchange Server Zero-Day Threat Using Qualys Cloud Platform

2022-09-30 23:25:55

Qualys Research Team: Threat Thursdays, October 2022

2022-10-28 00:58:53

cisa_kev

Microsoft Exchange Server Remote Code Execution Vulnerability

2022-09-30 00:00:00

Microsoft Exchange Server Server-Side Request Forgery Vulnerability

2022-09-30 00:00:00

Microsoft Exchange Server Privilege Escalation Vulnerability

2023-01-10 00:00:00

mssecure

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

2022-10-01 04:21:00

packetstorm

Microsoft Exchange ProxyNotShell Remote Code Execution

2022-11-30 00:00:00

msrc

Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server

2022-09-30 07:00:00

Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server

2022-09-30 06:55:00

Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server

2022-09-30 07:00:00

nessus

Microsoft Exchange Server October 2022 Zero-day Vulnerabilities (ProxyNotShell)

2022-10-05 00:00:00

Potential exposure to Microsoft Exchange CVE-2022-41040 / CVE-2022-41082 Exploit

2022-10-03 00:00:00

Security Updates for Microsoft Exchange Server (Nov 2022)

2022-11-11 00:00:00

cisa

Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server

2022-09-30 00:00:00

thn

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild

2022-09-30 09:01:00

State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations

2022-10-01 06:36:00

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

2022-10-08 05:13:00

checkpoint_advisories

Microsoft Exchange Server Remote Code Execution (CVE-2022-41082; CVE-2022-41040)

2022-10-03 00:00:00

wordfence

Two Weeks of Monitoring ProxyNotShell (CVE-2022-41040 & CVE-2022-41082) Threat Activity

2022-10-19 16:01:59

malwarebytes

Ransomware in December 2022

2023-02-01 17:15:00

Rackspace confirms it suffered a ransomware attack

2022-12-08 12:00:00

[updated]Two new Exchange Server zero-days in the wild

2022-09-30 13:00:00

wizblog

OWASSRF, a new exploit for Exchange vulnerabilities, exploited in the wild: everything you need to know

2022-12-22 18:10:48

talosblog

Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server

2022-09-30 21:16:00

Threat Source newsletter (Oct. 6, 2022) — Continuing down the Privacy Policy rabbit hole

2022-10-06 18:00:00

Threat Advisory: Microsoft warns of actively exploited vulnerabilities in Exchange Server

2022-09-30 21:16:00

hivepro

Unpatched zero-day vulnerabilities of Microsoft Exchange Server

2022-09-30 10:21:56

kaspersky

KLA19264 Multiple vulnerabilities in Microsoft Server Software

2022-09-30 00:00:00

mmpc

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

2022-10-01 04:21:00

metasploit

Microsoft Exchange ProxyNotShell RCE

2022-11-18 22:00:27

akamaiblog

Akamai?s Response to Zero-Day Vulnerabilities in Microsoft Exchange Server (CVE-2022-41040 and CVE-2022-41082)

2022-10-03 09:00:00

attackerkb

CVE-2022-41082

2022-10-03 00:00:00

CVE-2022-41080

2022-11-09 00:00:00

cert

Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

2022-10-03 00:00:00

krebs

Microsoft: Two New 0-Day Flaws in Exchange Server

2022-09-30 16:51:57

Patch Tuesday, November 2022 Election Edition

2022-11-09 01:50:14

hackread

Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers

2022-09-30 17:56:35

impervablog

Microsoft Exchange Server Vulnerabilities CVE-2022-41040 and CVE-2022-41082

2022-09-30 16:47:34

ics

#StopRansomware: Play Ransomware

2023-12-18 12:00:00

2022 Top Routinely Exploited Vulnerabilities

2023-08-03 12:00:00

securelist

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

2022-12-19 16:15:49

IT threat evolution in Q3 2022. Non-mobile statistics

2022-11-18 08:10:34

trellix

The Bug Report October 2022 Edition

2022-11-02 00:00:00

The Bug Report October 2022 Edition

2022-11-02 00:00:00

mskb

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: November 8, 2022 (KB5019758)

2022-11-08 08:00:00

avleonov

Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP

2022-10-29 08:37:59

Microsoft Patch Tuesday November 2022: Exchange ProxyNotShell RCE, JScript9, MoTW, OpenSSL, Edge, CNG, Print Spooler

2022-11-25 20:56:48

Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP

2023-06-25 00:35:58

8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.216 Low

EPSS

Percentile

96.5%

JSON

Related for 4D11A641-A378-5AE3-8CCD-C45CFD453293