Beyond ProxyNotShell - New OWASSRF Exploit Targets MS Exchange


Microsoft Exchange servers can now be attacked using a new exploit technique (OWASSRF) that takes use of the CVE-2022-41080 and CVE-2022-41082 weaknesses. It differs from ProxyNotShell, a typical attack technique regularly used to target Microsoft Exchange servers, though.

Numerous Play ransomware breaches have leveraged this flaw, according to recent CrowdStrike Services investigations. The attackers used a Remote PowerShell to exploit CVE-2022-41082, one of two issues exploited in ProxyNotShell attacks, to get initial access and execute arbitrary code.

Read More…