Exploit released for actively abused ProxyNotShell Exchange bug

Two highly severe and actively exploited Microsoft Exchange flaws collectively known as ProxyNotShell have online proof-of-concept exploit code available. One week after Microsoft provided security fixes for ProxyNotShell, security expert Janggggg published the proof-of-concept (PoC) exploit that attackers have been using to backdoor Exchange servers in the wild.

The CVE-2022-41082 and CVE-2022-41040 flaws, which affect Microsoft Exchange Server 2013, 2016, and 2019, allow attackers to elevate privileges to run PowerShell in the context of the system and obtain arbitrary or remote code execution on vulnerable systems.

Exploit released for actively abused ProxyNotShell Exchange bug

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

Exploit released for actively abused ProxyNotShell Exchange bug

18-Nov-22

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address