CVE-2022-41040

Description from NVD

Microsoft Exchange Server Elevation of Privilege Vulnerability.

Information Acquisition Date:2022-12-21T21:19Z
CVSS 2.0: 0.0 None CVSS 3.x: 8.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

NVD References

 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41040
     source:MISC
     tags:Mitigation    Patch    Vendor Advisory    
 VU#915563
     source:CERT-VN
     tags:Third Party Advisory    US Government Resource    
 http://packetstormsecurity.com/files/170066/Microsoft-Exchange-ProxyNotShell-Remote-Code-Execution.html
     source:MISC
     tags:Exploit    Third Party Advisory    VDB Entry    

This vulnerability may involve a PoC.

Description from Forti

Information Acquisition Date:2020/01/22

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Exchange(3 tweets)

List of frequently cited URLs

URLNum of Times Referred to
https://medium.com51
https://cvetrends.com51
https://nake19
http://twinybots.ch15
https://thehackernews.com/2022/09/microsoft-confirms-2-new-...10
https://www.helpnetsecurity.com/2022/09/30/cve-2022-41040-c...8
https://www.cisa.gov/known-exploited-vulnerabilities-catalog7
https://www.snort.org/downloads7
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2...7
https://tweetedtimes.com/susession?s=tnp6
https://github.com/revers0id/CVE-2022-41082-PoC5
https://www.securityweek.com/microsoft-links-exploitation-e...5
https://securityboulevard.com/2022/10/safebreach-coverage-f...5
https://www.bleepingcomputer.com/news/microsoft/microsoft-c...5
https://community.emergingthreats.net/t/regarding-coverage-...5
https://gteltsc.vn/blog/warning-new-attack-campaign-utilize...4
http://cyberiqs.com/latestnews4
https://www.tenable.com/blog/cve-2022-41040-and-cve-2022-41...4
https://www.microsoft.com/security/blog/2022/09/30/analyzin...4
https://nakedsecurity.sophos.com/20224
https://URL/autodiscover/autodiscover.json3
https://buff.ly/3LSgcQw3
https://xtra.li/3rsmwF13
https://twitter.com/SeguInfo/status/15758290000809205773
http://mi6rogue.com/blog3
https://hackerone.com/reports/17197193
https://securelist.com/cve-2022-41040-and-cve-2022-41082-ze...3
https://doublepulsar.com/proxynotshell-the-story-of-the-cla...3
http://mail.acronis.com3
https://www.borncity.com/blog/2022/10/11/exchange-server-ne...3
https://m365internals.com/2022/10/05/mitigating-cve-2022-41...3
https://www.wordfence.com/blog/2022/10/two-weeks-of-monitor...3
https://securityaffairs.co/wordpress/138768/hacking/proxyno...3
https://securitytrails.com/blog/zero-day-microsoft-exchange...3
https://www.safebreach.com/resources/blog/safebreach-covera...3
https://securityonline.info/cve-2022-41040-cve-2022-41082-e...3
https://www.crowdstrike.com/blog/owassrf-exploit-analysis-a...3
https://blog.segu-info.com.ar/2022/10/vulnerabilidad-critic...3
https://msrc-blog.microsoft.com/2022/09/29/customer-guidanc...3
https://ipssignatures.appspot.com/?cve=CVE-2022-410403
https://www.zerodayinitiative.com/blog/2022/11/14/control-y...3
https://unit42.paloaltonetworks.com/proxynotshell-cve-2022-...3

Information from Twitter

User URL Info Source Date
BitSight https://bitsig.ht/3RhETsc Source BitSight         1622959107463598081 2023/02/07
BitSight https://twitter.com/BitSight/status/1622959107463598081/pho... Source BitSight         1622959107463598081 2023/02/07
fe_tsoc https://socradar.io/reports-of-proxynotshell-vulnerabilitie... Source fe_tsoc          1630259749877952516 2023/02/28
threatintelctr https://nvd.nist.gov/vuln/detail/CVE-2022-41040 Source threatintelctr   1631420845175324672 2023/03/03
fletch_ai https://bit.ly/3GviGlo Source fletch_ai        1636614607941910531 2023/03/17
adrielsec https://URL/autodiscover/autodiscover.json Source adrielsec        1636860715683160069 2023/03/18
ipssignatures https://twitter.com/adrielsec/status/1636860715683160069 Source ipssignatures    1636942001659682816 2023/03/18
adrielsec https://www.youtube.com/watch?v=rXx8_GMsZUA Source adrielsec        1638920773308915712 2023/03/24

List of frequently cited URLs

URLNum of Times Referred to
medium.com51
cvetrends.com51
nake19
twinybots.ch15
thehackernews.com10
www.helpnetsecurity.com8
www.cisa.gov7
www.snort.org7
msrc.microsoft.com7
tweetedtimes.com6
github.com5
www.securityweek.com5
securityboulevard.com5
www.bleepingcomputer.com5
community.emergingthreats.net5
gteltsc.vn4
cyberiqs.com4
www.tenable.com4
www.microsoft.com4
nakedsecurity.sophos.com4
URL3
buff.ly3
xtra.li3
twitter.com3
mi6rogue.com3
hackerone.com3
securelist.com3
doublepulsar.com3
mail.acronis.com3
www.borncity.com3
m365internals.com3
www.wordfence.com3
securityaffairs.co3
securitytrails.com3
www.safebreach.com3
securityonline.info3
www.crowdstrike.com3
blog.segu-info.com.ar3
msrc-blog.microsoft.com3
ipssignatures.appspot.com3
www.zerodayinitiative.com3
unit42.paloaltonetworks.com3

Information from Twitter

User URL Info Source
BitSight bitsig.ht Show Tweet
BitSight twitter.com Show Tweet
fe_tsoc socradar.io Show Tweet
threatintelctr nvd.nist.gov Show Tweet
fletch_ai bit.ly Show Tweet
adrielsec URL Show Tweet
ipssignatures twitter.com Show Tweet
adrielsec youtube.com Show Tweet
GitHub Search Results: Up to 10
NameURL
kljunowsky/CVE-2022-41040-POC https://github.com/kljunowsky/CVE-2022-41040-POC
TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell
numanturle/CVE-2022-41040 https://github.com/numanturle/CVE-2022-41040
d3duct1v/CVE-2022-41040 https://github.com/d3duct1v/CVE-2022-41040
PyterSmithDarkGhost/ZERODAYENCADEAMENTOCVE2022-41040-CVE2022-41082 https://github.com/PyterSmithDarkGhost/ZERODAYENCADEAMENTOCVE2022-41040-CVE2022-41082
trhacknon/CVE-2022-41040-metasploit-ProxyNotShell https://github.com/trhacknon/CVE-2022-41040-metasploit-ProxyNotShell
rjsudlow/proxynotshell-IOC-Checker https://github.com/rjsudlow/proxynotshell-IOC-Checker
ITPATJIDR/CVE-2022-41040 https://github.com/ITPATJIDR/CVE-2022-41040
r3dcl1ff/CVE-2022-41040 https://github.com/r3dcl1ff/CVE-2022-41040
CentarisCyber/CVE-2022-41040_Mitigation https://github.com/CentarisCyber/CVE-2022-41040_Mitigation
GitHub Search Results: Up to 10
NameURL
kljunowsky/CVE-2022-41040-POC github.com
TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell github.com
numanturle/CVE-2022-41040 github.com
d3duct1v/CVE-2022-41040 github.com
PyterSmithDarkGhost/ZERODAYENCADEAMENTOCVE2022-41040-CVE2022-41082 github.com
trhacknon/CVE-2022-41040-metasploit-ProxyNotShell github.com
rjsudlow/proxynotshell-IOC-Checker github.com
ITPATJIDR/CVE-2022-41040 github.com
r3dcl1ff/CVE-2022-41040 github.com
CentarisCyber/CVE-2022-41040_Mitigation github.com
2023/03/24 Score : 0
Added Har-sia Database : 2022/09/30
Last Modified : 2023/03/24
Highest Scored Date : 2022/09/30
Highest Score : 145