Exploit creates a web shell in \Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\test11.aspx which must be manually removed after a successful exploit.

Platforms

Windows

mssecure 8

hackerone 2

metasploit 3

githubexploit 35

thn 13

threatpost 16

hivepro 4

cve 1

saint 2

malwarebytes 5

securelist 8

cvelist 1

packetstorm 5

mmpc 8

talosblog 2

qualysblog 11

zdt 4

prion 1

nvd 1

cisa_kev 1

nessus 2

exploitdb 2

attackerkb 4

checkpoint_advisories 1

nuclei 3

mskb 2

msrc 3

akamaiblog 3

cisa 1

impervablog 1

ics 7

fireeye 1

krebs 1

carbonblack 1

rapid7blog 7

kaspersky 1

wallarmlab 2

avleonov 3

mscve 4

googleprojectzero 1

mssecure

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

2021-03-18 22:00:47

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

2021-03-25 21:21:07

Microsoft investigates Iranian attacks against the Albanian government

2022-09-08 15:00:00

hackerone

U.S. Dept Of Defense: SSRF due to CVE-2021-26855 on ████████

2021-03-07 11:31:33

U.S. Dept Of Defense: CVE-2021-26855 on ████████ resulting in SSRF

2021-03-07 11:37:32

metasploit

Microsoft Exchange ProxyLogon Collector

2021-03-09 19:52:01

Microsoft Exchange ProxyLogon Scanner

2021-03-07 13:37:20

Microsoft Exchange ProxyLogon RCE

2021-03-12 23:49:45

githubexploit

Exploit for Server-Side Request Forgery in Microsoft

2021-03-17 03:32:19

Exploit for Server-Side Request Forgery in Microsoft

2021-03-11 20:51:48

Exploit for Server-Side Request Forgery in Microsoft

2021-03-06 09:15:55

thn

CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws

2021-03-04 08:26:00

ProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber Attacks

2021-03-11 15:04:00

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021

2024-06-20 10:22:00

threatpost

Mandiant Front Lines: How to Tackle Exchange Exploits

2021-04-16 14:02:54

Attackers Hijack Email Using Proxy Logon/Proxyshell Flaws

2021-11-22 19:26:25

IKEA Hit by Email Reply-Chain Cyberattack

2021-11-29 21:22:12

hivepro

BackdoorDiplomacy targets the telecom industry in the Middle East

2022-12-08 07:20:51

Have you patched the vulnerabilities in Microsoft Exchange Server?

2021-08-18 11:01:05

AvosLocker Ransomware group has targeted 50+ Organizations Worldwide

2022-03-24 06:30:44

cve

CVE-2021-26855

2021-03-03 00:15:12

saint

Microsoft Exchange Server ProxyLogon vulnerability

2021-03-19 00:00:00

Microsoft Exchange Server ProxyLogon vulnerability

2021-03-19 00:00:00

malwarebytes

Microsoft Exchange attacks cause panic as criminals go shell collecting

2021-03-09 19:59:37

Patch now! Exchange servers attacked by Hafnium zero-days

2021-03-03 12:34:27

AvosLocker ransomware uses Microsoft Exchange Server vulnerabilities, says FBI

2022-03-21 21:09:12

securelist

Tomiris called, they want their Turla malware back

2023-04-24 08:00:22

IT threat evolution in Q2 2023

2023-08-30 10:00:05

Zero-day vulnerabilities in Microsoft Exchange Server

2021-03-04 17:20:57

cvelist

CVE-2021-26855 Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 23:55:26

packetstorm

Microsoft Exchange Proxylogon SSRF Proof Of Concept

2021-03-11 00:00:00

Microsoft Exchange 2019 Unauthenticated Email Download

2021-05-18 00:00:00

Microsoft Exchange 2019 SSRF / Arbitrary File Write

2021-03-18 00:00:00

mmpc

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

2021-03-18 22:00:47

Microsoft investigates Iranian attacks against the Albanian government

2022-09-08 15:00:00

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

2021-03-25 21:21:07

talosblog

What Talos Incident Response learned from a recent Qakbot attack hijacking old email threads

2022-07-27 12:00:00

Threat Advisory: HAFNIUM and Microsoft Exchange zero-day

2021-03-08 10:18:43

qualysblog

Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0

2022-06-22 21:23:51

Microsoft Exchange Server Zero-Days (ProxyLogon) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR

2021-03-03 22:12:19

The Rise of Ransomware

2021-10-05 12:50:00

zdt

Microsoft Exchange 2019 - Unauthenticated Email Download Exploit

2021-05-18 00:00:00

Microsoft Exchange ProxyLogon Remote Code Execution Exploit

2021-03-23 00:00:00

Microsoft Exchange 2019 - Unauthenticated Email Download Exploit

2021-05-21 00:00:00

prion

Remote code execution

2021-03-03 00:15:00

nvd

CVE-2021-26855

2021-03-03 00:15:12

cisa_kev

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-11-03 00:00:00

nessus

Microsoft Exchange Server Authentication Bypass

2021-03-08 00:00:00

Security Updates for Microsoft Exchange Server (March 2021)

2021-03-03 00:00:00

exploitdb

Microsoft Exchange 2019 - Unauthenticated Email Download

2021-05-18 00:00:00

Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)

2021-05-21 00:00:00

attackerkb

CVE-2021-27065

2021-03-03 00:00:00

CVE-2021-26855

2021-03-03 00:00:00

Multiple Microsoft Exchange zero-day vulnerabilities - ProxyLogon Exploit Chain

2023-12-29 00:00:00

checkpoint_advisories

Microsoft Exchange Server Remote Code Execution (CVE-2021-26855; CVE-2021-27065)

2021-03-02 00:00:00

nuclei

Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting

2021-11-12 18:25:15

Exchange Server - Remote Code Execution

2021-08-10 07:59:06

Microsoft Exchange Server SSRF Vulnerability

2021-03-06 07:00:59

mskb

Remove specific prevalent malware with Windows Malicious Software Removal Tool (KB890830)

2021-01-12 00:00:00

Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 2, 2021 (KB5000871)

2021-03-02 08:00:00

msrc

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 07:00:00

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 18:44:28

Guidance for responders: Investigating and remediating on-premises Exchange Server vulnerabilities

2021-03-16 07:00:00

akamaiblog

Authentication: Lessons Learned from Microsoft Exchange and F5 BIG-IP Hacks

2021-03-24 14:00:00

Microsoft Exchange and Verkada Hacks: Isolate Your Apps and APIs from the Internet Cesspool

2021-03-15 22:15:00

How Akamai Can Help You Fight the Latest Exploitation Attempts Against Microsoft Exchange

2021-03-15 22:30:00

cisa

Microsoft Releases Out-of-Band Security Updates for Exchange Server

2021-03-02 00:00:00

impervablog

Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures

2021-03-26 15:06:38

ics

Mitigate Microsoft Exchange Server Vulnerabilities

2021-07-19 12:00:00

Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization

2022-10-05 12:00:00

Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

2022-03-01 12:00:00

fireeye

Detection and Response to Exploitation of Microsoft Exchange Zero-Day Vulnerabilities

2021-03-04 00:00:00

krebs

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

2021-03-02 21:19:17

carbonblack

TAU Threat Advisory: Microsoft Exchange Servers Targeted with Four Zero-day Exploits

2021-03-08 21:05:13

rapid7blog

Indiscriminate Exploitation of Microsoft Exchange Servers (CVE-2021-24085)

2021-03-02 19:53:28

Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day

2021-03-03 00:41:04

Metasploit Wrap-Up

2021-03-26 17:36:13

kaspersky

KLA12103 ACE vulnerabilities in Microsoft Exchange Server

2021-03-02 00:00:00

wallarmlab

Weekly exploit digest – March, 15-21 – VMware View Planner, Win32k ConsoleControl, Microsoft Windows Containers DP API

2021-03-21 13:09:00

Web vulnerabilities exploit weekly digest #1. March 8-15th 2021. VMware vCenter and Apache OFBiz RCE.

2021-03-16 18:22:00

avleonov

Vulnerability Management news and publications #2

2022-08-14 11:30:44

Joint Advisory AA22-279A and Vulristics

2022-10-21 20:10:13

Vulristics: Microsoft Patch Tuesdays Q1 2021

2021-03-26 02:47:52

mscve

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

Microsoft Exchange Server Remote Code Execution Vulnerability

2021-03-02 08:00:00

googleprojectzero

The More You Know, The More You Know You Don’t Know

2022-04-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

0.975 High

EPSS

Percentile

100.0%

JSON

Related for SAINT:2232AFF7B86AF6E40FEC6191FAD74DCC