CVE-2021-27065
Microsoft Exchange Server Remote Code Execution Vulnerability
In short
A vulnerability in Microsoft Exchange Server allows an attacker to execute arbitrary code remotely on affected servers. This happens through path traversal in the server's file handling, potentially compromising email systems and sensitive data.
Technical detail
CWE-22 path traversal vulnerability in Microsoft Exchange Server enables unauthenticated remote code execution through specially crafted requests. The vulnerability allows attackers to write malicious files to arbitrary locations on the server, leading to code execution with SYSTEM privileges.
Summary generated and translated by AI from the official description.
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
Affected products
Microsoft · Microsoft Exchange Server 2013 Cumulative Update 21Microsoft · Microsoft Exchange Server 2013 Cumulative Update 22Microsoft · Microsoft Exchange Server 2013 Cumulative Update 23Microsoft · Microsoft Exchange Server 2013 Service Pack 1Microsoft · Microsoft Exchange Server 2016 Cumulative Update 10Microsoft · Microsoft Exchange Server 2016 Cumulative Update 11Microsoft · Microsoft Exchange Server 2016 Cumulative Update 12Microsoft · Microsoft Exchange Server 2016 Cumulative Update 13Microsoft · Microsoft Exchange Server 2016 Cumulative Update 14Microsoft · Microsoft Exchange Server 2016 Cumulative Update 15Microsoft · Microsoft Exchange Server 2016 Cumulative Update 16Microsoft · Microsoft Exchange Server 2016 Cumulative Update 17Microsoft · Microsoft Exchange Server 2016 Cumulative Update 18Microsoft · Microsoft Exchange Server 2016 Cumulative Update 19Microsoft · Microsoft Exchange Server 2016 Cumulative Update 8Microsoft · Microsoft Exchange Server 2016 Cumulative Update 9Microsoft · Microsoft Exchange Server 2019Microsoft · Microsoft Exchange Server 2019 Cumulative Update 1Microsoft · Microsoft Exchange Server 2019 Cumulative Update 2Microsoft · Microsoft Exchange Server 2019 Cumulative Update 3Microsoft · Microsoft Exchange Server 2019 Cumulative Update 4Microsoft · Microsoft Exchange Server 2019 Cumulative Update 5Microsoft · Microsoft Exchange Server 2019 Cumulative Update 6Microsoft · Microsoft Exchange Server 2019 Cumulative Update 7Microsoft · Microsoft Exchange Server 2019 Cumulative Update 8public PoCs found — 4
githubgithub.com/adamrpostjr/cve-2021-27065★ 11cve_referencepacketstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.htmlunverifiedcve_referencepacketstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.htmlunverifiedexploitdbwww.exploit-db.com/exploits/49637unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.htmlhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27065https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-27065