ProxyNotShell / ProxyShell / ProxyLogon (CVE-2022-41040 & CVE-2022-41082 / CVE-2021-34473 & CVE-2021

These CVE series target Windows Exchange servers. Any unpatched server results in an RCE (full system compromise)

1) Metasploit

msf6 exploit(windows/http/exchange_proxynotshell_rce) >
msf6 exploit(windows/http/exchange_proxyshell_rce) >
msf6 exploit(windows/http/exchange_proxylogon_rce) >

PreviousPrint Nightmare CVE-2021-1675 / CVE-2021-34527 NextZerologon

Last updated 4 months ago

hashtag1) Metasploit

1) Metasploit