CVE-2021-26855
Microsoft Exchange Server Remote Code Execution Vulnerability
Em resumo
Uma vulnerabilidade crítica no Microsoft Exchange Server permite que atacantes executem código malicioso remotamente nos servidores afetados. Um atacante pode explorar essa falha para obter controle total do sistema de email sem precisar de credenciais válidas.
Detalhe técnico
Esta vulnerabilidade de Server-Side Request Forgery (SSRF) no serviço Autodiscover do Exchange Server permite que atacantes não autenticados executem código arbitrário através de requisições HTTP maliciosas que contornam controles de autenticação. A vulnerabilidade permite execução de código remoto com privilégios SYSTEM, afetando todas as versões do Exchange Server 2013, 2016 e 2019 em configurações padrão.
Resumo gerado e traduzido por IA a partir da descrição oficial.
Microsoft Exchange Server Remote Code Execution Vulnerability
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:F/RL:O/RC:C
Produtos afetados
Microsoft · Microsoft Exchange Server 2013 Cumulative Update 21Microsoft · Microsoft Exchange Server 2013 Cumulative Update 22Microsoft · Microsoft Exchange Server 2013 Cumulative Update 23Microsoft · Microsoft Exchange Server 2016 Cumulative Update 10Microsoft · Microsoft Exchange Server 2016 Cumulative Update 11Microsoft · Microsoft Exchange Server 2016 Cumulative Update 12Microsoft · Microsoft Exchange Server 2016 Cumulative Update 13Microsoft · Microsoft Exchange Server 2016 Cumulative Update 14Microsoft · Microsoft Exchange Server 2016 Cumulative Update 15Microsoft · Microsoft Exchange Server 2016 Cumulative Update 16Microsoft · Microsoft Exchange Server 2016 Cumulative Update 17Microsoft · Microsoft Exchange Server 2016 Cumulative Update 18Microsoft · Microsoft Exchange Server 2016 Cumulative Update 19Microsoft · Microsoft Exchange Server 2016 Cumulative Update 8Microsoft · Microsoft Exchange Server 2016 Cumulative Update 9Microsoft · Microsoft Exchange Server 2019Microsoft · Microsoft Exchange Server 2019 Cumulative Update 1Microsoft · Microsoft Exchange Server 2019 Cumulative Update 2Microsoft · Microsoft Exchange Server 2019 Cumulative Update 3Microsoft · Microsoft Exchange Server 2019 Cumulative Update 4Microsoft · Microsoft Exchange Server 2019 Cumulative Update 5Microsoft · Microsoft Exchange Server 2019 Cumulative Update 6Microsoft · Microsoft Exchange Server 2019 Cumulative Update 7Microsoft · Microsoft Exchange Server 2019 Cumulative Update 8PoCs públicas encontradas — 57
githubgithub.com/Flangvik/SharpProxyLogon★ 249githubgithub.com/hosch3n/ProxyVulns★ 177githubgithub.com/dwisiswant0/proxylogscan★ 164githubgithub.com/p0wershe11/ProxyLogon★ 124githubgithub.com/h4x0r-dz/CVE-2021-26855★ 100githubgithub.com/cert-lv/exchange_webshell_detection★ 99githubgithub.com/hackerschoice/CVE-2021-26855★ 60githubgithub.com/alt3kx/CVE-2021-26855_PoC★ 53githubgithub.com/praetorian-inc/proxylogon-exploit★ 51githubgithub.com/conjojo/Microsoft_Exchange_Server_SSRF_CVE-2021-26855★ 36githubgithub.com/RickGeex/ProxyLogon★ 32githubgithub.com/ZephrFish/Exch-CVE-2021-26855★ 29githubgithub.com/evilashz/ExchangeSSRFtoRCEExploit★ 28githubgithub.com/pussycat0x/CVE-2021-26855-SSRF★ 23githubgithub.com/hakivvi/proxylogon★ 22githubgithub.com/soteria-security/HAFNIUM-IOC★ 22githubgithub.com/srvaccount/CVE-2021-26855-PoC★ 17githubgithub.com/r0xDB/CVE-2021-26855★ 12githubgithub.com/kh4sh3i/ProxyLogon★ 9githubgithub.com/mil1200/ProxyLogon-CVE-2021-26855★ 9githubgithub.com/thau0x01/poc_proxylogon★ 8githubgithub.com/La3B0z/CVE-2021-26855-SSRF-Exchange★ 6githubgithub.com/Mr-xn/CVE-2021-26855-d★ 6githubgithub.com/sgnls/exchange-0days-202103★ 5githubgithub.com/hackerxj007/CVE-2021-26855★ 5githubgithub.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0day★ 5githubgithub.com/mekhalleh/exchange_proxylogon★ 4githubgithub.com/ZephrFish/Exch-CVE-2021-26855_Priv★ 4githubgithub.com/Yt1g3r/CVE-2021-26855_SSRF★ 4githubgithub.com/TaroballzChen/ProxyLogon-CVE-2021-26855-metasploit★ 4githubgithub.com/ssrsec/Microsoft-Exchange-RCE★ 3githubgithub.com/KotSec/CVE-2021-26855-Scanner★ 3githubgithub.com/Immersive-Labs-Sec/ProxyLogon★ 3githubgithub.com/glen-pearson/ProxyLogon-CVE-2021-26855★ 1githubgithub.com/timb-machine-mirrors/testanull-CVE-2021-26855_read_poc.txt★ 0githubgithub.com/mauricelambert/ExchangeWeaknessTest★ 0githubgithub.com/DCScoder/Exchange_IOC_Hunter★ 0githubgithub.com/antichown/Scan-Vuln-CVE-2021-26855★ 0githubgithub.com/catmandx/CVE-2021-26855-Exchange-RCE★ 0githubgithub.com/hictf/CVE-2021-26855-CVE-2021-27065★ 0githubgithub.com/haotiku/CVE-2021-26855-exploit-Exchange★ 0githubgithub.com/Nick-Yin12/106362522★ 0githubgithub.com/yaoxiaoangry3/Flangvik★ 0githubgithub.com/1342486672/Flangvik★ 0githubgithub.com/TheDudeD6/ExchangeSmash★ 0githubgithub.com/ShyTangerine/cve-2021-26855★ 0githubgithub.com/Wercd/CVE-2021-26855★ 0githubgithub.com/SimoesCTT/CTT-ProxyLogon-RCE-v1.0---Convergent-Time-Theory-Enhanced-Microsoft-Exchange-Exploit★ 0githubgithub.com/SimoesCTT/CTT-Exchange-RCE-v1.0---Microsoft-Exchange-Exploit-CVSS-10.0-CRITICAL-CVE-2021-26855-CVE-2021-27065★ 0cve_referencepacketstormsecurity.com/files/161846/Microsoft-Exchange-2019-SSRF-Arbitrary-File-Write.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/49637não verificadoexploitdbwww.exploit-db.com/exploits/49879não verificadoexploitdbwww.exploit-db.com/exploits/49895não verificadocve_referencepacketstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.htmlnão verificadocve_referencepacketstormsecurity.com/files/162610/Microsoft-Exchange-2019-Unauthenticated-Email-Download.htmlnão verificadocve_referencepacketstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/49663não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://packetstormsecurity.com/files/161846/Microsoft-Exchange-2019-SSRF-Arbitrary-File-Write.htmlhttp://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/162610/Microsoft-Exchange-2019-Unauthenticated-Email-Download.htmlhttp://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.htmlhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26855