CVE-2022-41040 and CVE-2022-41082 ProxyNotShell exploit released online


 Proof-of-concept exploit for CVE-2022-41040 and CVE-2022-41082 Microsoft exchange which is activly exploited,  published online. CVE-2022-41040 and CVE-2022-41082 both bugs affecting Exchange server 2013 , exchange server 2016 and exchange server 2019 known as ProxyNotShell. Microsoft already patch both vulnerability in nov 2022 patch Tuesday .



One week later security researcher Janggggg published POC of both CVE online which is used to backdoor exchange server .

No comments:

Iranian Cyber Threats Intensify Against U.S. Defense and OT Networks, Warn Federal Agencies

U.S. Agencies Warn of Escalating Iranian Cyber Threats to Defense and Critical Infrastructure Multiple U.S. cybersecurity and intelligence a...