支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2021-26855 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Microsoft Exchange Server Remote Code Execution Vulnerability
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Microsoft Exchange Server Remote Code Execution Vulnerability
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Microsoft Exchange Server 代码问题漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Microsoft Exchange Server是美国微软(Microsoft)公司的一套电子邮件服务程序。它提供邮件存取、储存、转发,语音邮件,邮件过滤筛选等功能。 Microsoft Exchange Server 安全漏洞。攻击者可构造恶意HTTP请求,并通过Exchange Server进行身份验证。进而扫描内网,获取用户敏感信息。以下产品和版本受到影响:Microsoft Exchange Server 2013 Cumulative Update 23,Microsoft Exchange
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 19 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_19:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 8 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_8:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:*:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2013 Cumulative Update 22 15.00.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_22:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 2 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_2:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 13 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_13:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2013 Cumulative Update 23 15.00.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 3 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_3:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 14 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_14:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 4 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_4:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 15 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_15:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 5 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_5:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 6 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_6:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 16 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_16:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 17 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_17:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 7 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_7:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 18 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_18:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2013 Cumulative Update 21 15.00.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_21:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 12 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_12:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 8 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_8:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2019 Cumulative Update 1 15.02.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_1:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 9 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_9:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 10 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_10:*:*:*:*:*:*
MicrosoftMicrosoft Exchange Server 2016 Cumulative Update 11 15.01.0 ~ publication cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_11:*:*:*:*:*:*
二、漏洞 CVE-2021-26855 的公开POC
#POC 描述源链接神龙链接
1IoC determination for exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 and CVE-2021-27065.https://github.com/sgnls/exchange-0days-202103POC详情
2A PowerShell script to identify indicators of exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865https://github.com/soteria-security/HAFNIUM-IOCPOC详情
3Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)https://github.com/cert-lv/exchange_webshell_detectionPOC详情
4Microsoft Exchange Server SSRF漏洞(CVE-2021-26855)https://github.com/conjojo/Microsoft_Exchange_Server_SSRF_CVE-2021-26855POC详情
5This script helps to identify CVE-2021-26855 ssrf Pochttps://github.com/pussycat0x/CVE-2021-26855-SSRFPOC详情
6CVE-2021-26855 SSRF Exchange Serverhttps://github.com/La3B0z/CVE-2021-26855-SSRF-ExchangePOC详情
7Module pack for #ProxyLogon (part. of my contribute for Metasploit-Framework) [CVE-2021-26855 && CVE-2021-27065]https://github.com/mekhalleh/exchange_proxylogonPOC详情
8POC of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865, ProxyLogon pochttps://github.com/Yt1g3r/CVE-2021-26855_SSRFPOC详情
9CVE-2021-26855 exphttps://github.com/hackerxj007/CVE-2021-26855POC详情
10A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).https://github.com/dwisiswant0/proxylogscanPOC详情
11This script test the CVE-2021-26855 vulnerability on Exchange Server.https://github.com/mauricelambert/ExchangeWeaknessTestPOC详情
12CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065https://github.com/DCScoder/Exchange_IOC_HunterPOC详情
13PoC exploit code for CVE-2021-26855https://github.com/srvaccount/CVE-2021-26855-PoCPOC详情
14Nonehttps://github.com/h4x0r-dz/CVE-2021-26855POC详情
15Nonehttps://github.com/alt3kx/CVE-2021-26855_PoCPOC详情
16 CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server.https://github.com/raheel0x01/CVE-2021-26855POC详情
17PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by githubhttps://github.com/hackerschoice/CVE-2021-26855POC详情
18CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065https://github.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0dayPOC详情
19Scanner and PoC for CVE-2021-26855 https://github.com/KotSec/CVE-2021-26855-ScannerPOC详情
20RCE exploit for Microsoft Exchange Server (CVE-2021-26855).https://github.com/hakivvi/proxylogonPOC详情
21CVE-2021-26855: PoC (Not a HoneyPoC for once!)https://github.com/ZephrFish/Exch-CVE-2021-26855POC详情
22RCE exploit for ProxyLogon vulnerability in Microsoft Exchangehttps://github.com/mil1200/ProxyLogon-CVE-2021-26855POC详情
23CVE-2021-26855 & CVE-2021-27065https://github.com/evilashz/ExchangeSSRFtoRCEExploitPOC详情
24patched to workhttps://github.com/ZephrFish/Exch-CVE-2021-26855_PrivPOC详情
25Nonehttps://github.com/Mr-xn/CVE-2021-26855-dPOC详情
26ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution.https://github.com/RickGeex/ProxyLogonPOC详情
27Chaining CVE-2021-26855 and CVE-2021-26857 to exploit Microsoft Exchangehttps://github.com/Immersive-Labs-Sec/ProxyLogonPOC详情
28Nonehttps://github.com/shacojx/Scan-Vuln-CVE-2021-26855POC详情
29CVE-2021-26855 proxyLogon metasploit exploit scripthttps://github.com/TaroballzChen/ProxyLogon-CVE-2021-26855-metasploitPOC详情
30ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)https://github.com/p0wershe11/ProxyLogonPOC详情
31Nonehttps://github.com/shacojx/CVE-2021-26855-exploit-ExchangePOC详情
32Microsoft Exchange Proxylogon Exploit Chain EXP分析https://github.com/catmandx/CVE-2021-26855-Exchange-RCEPOC详情
33analytics ProxyLogo Mail exchange RCEhttps://github.com/hictf/CVE-2021-26855-CVE-2021-27065POC详情
34Proof-of-concept exploit for CVE-2021-26855 and CVE-2021-27065. Unauthenticated RCE in Exchange.https://github.com/praetorian-inc/proxylogon-exploitPOC详情
35C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection https://github.com/Flangvik/SharpProxyLogonPOC详情
36[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2021-34523 & CVE-2021-31207 Exploit Chains.https://github.com/hosch3n/ProxyVulnsPOC详情
37針對近期微軟公布修補遭駭客攻擊的Exchange Server漏洞問題,台灣DEVCORE表示早在1月5日便已發現安全漏洞後,並且向微軟通報此項編號命名為「CVE-2021-26855 」,以及「CVE-2021-27065」的零日漏洞,同時也將此項漏洞稱為「ProxyLogon」。 此次揭露的「ProxyLogon」漏洞,是以無需驗證即可使用的遠端程式碼執行 (Pre-Auth Remote Code Execution;Pre-Auth RCE)零日漏洞(Zero-day exploit),可讓攻擊者得以繞過身份驗證步驟,驅使系統管理員協助執行惡意文件或執行指令,進而觸發更廣泛的攻擊。 「ProxyLogon」是微軟近期被揭露最重大的RCE漏洞之一,DEVCORE團隊遵循責任揭露 (Responsible Disclosure)原則,在發現後便第一時間立即於今年1月5日通報微軟進行修補,避免該漏洞遭有心人士利用,造成全球用戶重大損失。而微軟遂於3月2日針對相關漏洞釋出安全更新,避免用戶機敏資訊遭受惡意攻擊。個人想法:遭駭客攻擊的Exchange Server漏洞問題,台灣DEVCORE表示早在1月5日便已發現,並且向微軟通報此項編號命名為「CVE-2021-26855 」,以及「CVE-2021-27065」的零日漏洞,同時也將此項漏洞稱為「ProxyLogon」。 此次揭露的「ProxyLogon」漏洞,是以無需驗證即可使用的遠端程式碼執行 (Pre-Auth Remote Code Execution;Pre-Auth RCE)零日漏洞(Zero-day exploit),可讓攻擊者得以繞過身份驗證步驟,驅使系統管理員協助執行惡意文件或執行指令,進而觸發更廣泛的攻擊。 「ProxyLogon」是微軟近期被揭露最重大的RCE漏洞之一,DEVCORE團隊遵循責任揭露 (Responsible Disclosure)原則,在發現後便第一時間立即於今年1月5日通報微軟進行修補,避免該漏洞遭有心人士利用,造成全球用戶重大損失。而微軟遂於3月2日針對相關漏洞釋出安全更新,避免用戶機敏資訊遭受惡意攻擊。個人想法:微軟是大眾常用的軟體之一,駭客只要察覺漏洞就會進行惡意的攻擊,微軟公布4個Exchange Server的安全漏洞後,就遭受駭客的惡意攻擊,這件事的發生,微軟需更加小心並提高資安的防護。https://github.com/Nick-Yin12/106362522POC详情
38C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode in…https://github.com/yaoxiaoangry3/FlangvikPOC详情
39Microsoft Exchange ProxyLogon PoC (CVE-2021-26855)https://github.com/thau0x01/poc_proxylogonPOC详情
40C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode in…https://github.com/1342486672/FlangvikPOC详情
41CVE-2021-26855https://github.com/TheDudeD6/ExchangeSmashPOC详情
42ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)https://github.com/kh4sh3i/ProxyLogonPOC详情
43Tool to search for IOCs related to HAFNIUM: CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065https://github.com/byinarie/ZirconiumPOC详情
44Microsoft Exchange CVE-2021-26855&CVE-2021-27065https://github.com/ssrsec/Microsoft-Exchange-RCEPOC详情
45Nonehttps://github.com/iceberg-N/cve-2021-26855POC详情
46Clone from gisthttps://github.com/timb-machine-mirrors/testanull-CVE-2021-26855_read_poc.txtPOC详情
47Nonehttps://github.com/MacAsure/cve-2021-26855POC详情
48Nonehttps://github.com/glen-pearson/ProxyLogon-CVE-2021-26855POC详情
49 CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server.https://github.com/r0xdeadbeef/CVE-2021-26855POC详情
50Nonehttps://github.com/ShyTangerine/cve-2021-26855POC详情
51This vulnerability is part of an attack chain that could allow remote code execution on Microsoft Exchange Server. The initial attack requires the ability to make an untrusted connection to Exchange server port 443. Other portions of the chain can be triggered if an attacker already has access or can convince an administrator to open a malicious file. Be aware his CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, and CVE-2021-27078.https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-26855.yamlPOC详情
52 CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server.https://github.com/r0xDB/CVE-2021-26855POC详情
53 CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server.https://github.com/R0XDEADBEEF/CVE-2021-26855POC详情
54Nonehttps://github.com/Wercd/CVE-2021-26855POC详情
55Nonehttps://github.com/antichown/Scan-Vuln-CVE-2021-26855POC详情
56Nonehttps://github.com/haotiku/CVE-2021-26855-exploit-ExchangePOC详情
57 An advanced exploit for Microsoft Exchange Server (CVE-2021-26855, CVE-2021-27065) enhanced with Convergent Time Theory principles, achieving near-perfect theoretical rating through quantum temporal resonance and α-dispersion techniques.https://github.com/SimoesCTT/CTT-ProxyLogon-RCE-v1.0---Convergent-Time-Theory-Enhanced-Microsoft-Exchange-ExploitPOC详情
58CTT-enhanced version of the Microsoft Exchange Server SSRF to RCE exploit (ProxyShell/ProxyLogon), another CVSS 10.0 critical vulnerability that affected hundreds of thousands of organizations worldwide.https://github.com/SimoesCTT/CTT-Exchange-RCE-v1.0---Microsoft-Exchange-Exploit-CVSS-10.0-CRITICAL-CVE-2021-26855-CVE-2021-27065POC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2021-26855 的情报信息
Please 登录 to view more intelligence information
四、漏洞 CVE-2021-26855 的评论

暂无评论

发表评论