Proof-of-concept exploit for CVE-2022-41040 and CVE-2022-41082 Microsoft exchange which is activly exploited, published online. CVE-2022-41040 and CVE-2022-41082 both bugs affecting Exchange server 2013 , exchange server 2016 and exchange server 2019 known as ProxyNotShell. Microsoft already patch both vulnerability in nov 2022 patch Tuesday .
One week later security researcher Janggggg published POC of both CVE online which is used to backdoor exchange server .
No comments:
Post a Comment