CVE-2022-41080

Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41123.

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

List of frequently cited URLs

URL	Num of Times Referred to
https://cvetrends.com	51
https://thehackernews.com/2023/01/rackspace-confirms-play-r...	11
https://securityaffairs.com/140647/security/cisa-known-expl...	11
https://www.helpnetsecurity.com/2022/12/21/cve-2022-41080	11
https://www.crowdstrike.com/blog/owassrf-exploit-analysis-a...	9
https://xcloud.spectrum.colortokens.com/cve/CVE-2022-41080	8
https://blog.viettelcybersecurity.com/tabshell-owassrf	6
https://www.cisa.gov/known-exploited-vulnerabilities-catalog	5
https://twitter.com/hoangnx99/status/1602917841346637825	4
https://msrc.microsoft.com/update-guide/en-US/vulnerability...	4
https://noticiasseguridad.com/malware-virus/la-nueva-cadena...	4
https://www.rapid7.com/blog/post/2022/12/21/cve-2022-41080-...	3
https://tweetedtimes.com/BhaavukAroraa?s=tnp	3

Name	URL
balki97/OWASSRF-CVE-2022-41082-POC	https://github.com/balki97/OWASSRF-CVE-2022-41082-POC
Live-Hack-CVE/CVE-2022-41080	https://github.com/Live-Hack-CVE/CVE-2022-41080
ohnonoyesyes/CVE-2022-41080	https://github.com/ohnonoyesyes/CVE-2022-41080
Live-Hack-CVE/CVE-2022-41123	https://github.com/Live-Hack-CVE/CVE-2022-41123

Name	URL
balki97/OWASSRF-CVE-2022-41082-POC	github.com
Live-Hack-CVE/CVE-2022-41080	github.com
ohnonoyesyes/CVE-2022-41080	github.com
Live-Hack-CVE/CVE-2022-41123	github.com

CVE-2022-41080

Description from NVD

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NVD References

Refer to Information on External Sites

▼ Show Information from Twitter(249)

▼ Show Information from Twitter(249)

URL	Num of Times Referred to
cvetrends.com	51
thehackernews.com	11
securityaffairs.com	11
www.helpnetsecurity.com	11
www.crowdstrike.com	9
xcloud.spectrum.colortokens.com	8
blog.viettelcybersecurity.com	6
www.cisa.gov	5
twitter.com	4
msrc.microsoft.com	4
noticiasseguridad.com	4
www.rapid7.com	3
tweetedtimes.com	3

User	URL	Info Source
CrowdStrike	crwdstr.ke	Show Tweet
cbmead	crwdstr.ke	Show Tweet
TGEtheridge	crwdstr.ke	Show Tweet
andysommer	crwdstr.ke	Show Tweet
HaboubiAnis	crowdstrike.com	Show Tweet
fancy_4n6	twitter.com	Show Tweet
fancy_4n6	twitter.com	Show Tweet
BleepinComputer	msrc.microsoft.com	Show Tweet
BleepinComputer	twitter.com	Show Tweet
BleepinComputer	twitter.com	Show Tweet
cybersecureny	twitter.com	Show Tweet
cybersecureny	twitter.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
allaboutclait	crowdstrike.com	Show Tweet
MachinaRecord	twitter.com	Show Tweet
digihash	msrc.microsoft.com	Show Tweet
digihash	crowdstrike.com	Show Tweet
sneakymonk3y	twitter.com	Show Tweet
sneakymonk3y	twitter.com	Show Tweet
tribal_sec	bleepingcomputer.com	Show Tweet
shah_sheikh	helpnetsecurity.com	Show Tweet
shah_sheikh	twitter.com	Show Tweet
helpnetsecurity	helpnetsecurity.com	Show Tweet
helpnetsecurity	twitter.com	Show Tweet
autumn_good_35	crowdstrike.com	Show Tweet
autumn_good_35	twitter.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
cipherstorm	helpnetsecurity.com	Show Tweet
cipherstorm	twitter.com	Show Tweet
SK_Expert	ift.tt	Show Tweet
SecurityNewsbot	helpnetsecurity.com	Show Tweet
PoseidonTPA	news.poseidon-us.com	Show Tweet
PoseidonTPA	twitter.com	Show Tweet
Xc0resecurity	dlvr.it	Show Tweet
joviannfeed	bit.ly	Show Tweet
kackerman_IT	dlvr.it	Show Tweet
kackerman_IT	twitter.com	Show Tweet
TheCISOAdviser	crwdstr.ke	Show Tweet
blu3cloak	helpnetsecurity.com	Show Tweet
Har_sia	har-sia.info	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
web4x4_es	helpnetsecurity.com	Show Tweet
AdliceSoftware	msrc.microsoft.com	Show Tweet
SouthSeasData	helpnetsecurity.com	Show Tweet
vumetric	vumetric.com	Show Tweet
Sec_Cyber	securecybersolution.com	Show Tweet
AcooEdi	dlvr.it	Show Tweet
AcooEdi	twitter.com	Show Tweet
buzz_sec	ift.tt	Show Tweet
rapid7	r-7.co	Show Tweet
ChristiaanBeek	rapid7.com	Show Tweet
Har_sia	har-sia.info	Show Tweet
StopMalvertisin	bit.ly	Show Tweet
autumn_good_35	rapid7.com	Show Tweet
ANDREWsHAUSER	lnkd.in	Show Tweet
ANDREWsHAUSER	lnkd.in	Show Tweet
tony_cleal	helpnetsecurity.com	Show Tweet
DennisF	rapid7.com	Show Tweet
foxbook	helpnetsecurity.com	Show Tweet
shinz0n	rapid7.com	Show Tweet
papa_anniekey	rapid7.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
GuyBruneau	lnkd.in	Show Tweet
Jonesls	rapid7.com	Show Tweet
kubergeek	rapid7.com	Show Tweet
blackorbird	crowdstrike.com	Show Tweet
blackorbird	twitter.com	Show Tweet
Raj_Samani	rapid7.com	Show Tweet
Raj_Samani	twitter.com	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
DavinsiLabs	twitter.com	Show Tweet
nish	rapid7.com	Show Tweet
RezaMAlavi	rapid7.com	Show Tweet
electrocode	rapid7.com	Show Tweet
BhaavukAroraa	rapid7.com	Show Tweet
BhaavukAroraa	tweetedtimes.com	Show Tweet
certlv	cert.lv	Show Tweet
certlv	twitter.com	Show Tweet
deepth0th	rapid7.com	Show Tweet
renu_cert	rapid7.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
top3cve	twitter.com	Show Tweet
top3cve	twitter.com	Show Tweet
top3cve	twitter.com	Show Tweet
SOC_Prime	socprime.com	Show Tweet
SOC_Prime	twitter.com	Show Tweet
Har_sia	har-sia.info	Show Tweet
CyberJack42	rapid7.com	Show Tweet
feffi1	rapid7.com	Show Tweet
feffi1	twitter.com	Show Tweet
veronicabp_	rapid7.com	Show Tweet
iicsorg	noticiasseguridad.com	Show Tweet
iicsorg	twitter.com	Show Tweet
AcooEdi	dlvr.it	Show Tweet
AcooEdi	twitter.com	Show Tweet
wiz_io	wiz.io	Show Tweet
torsity_intel	noticiasseguridad.com	Show Tweet
fletch_ai	twitter.com	Show Tweet
Hacktivos	dlvr.it	Show Tweet
web4x4_es	noticiasseguridad.com	Show Tweet
michaelt452	crwdstr.ke	Show Tweet
MrTaherAmine	rapid7.com	Show Tweet
AndreCarraretto	crwdstr.ke	Show Tweet
top3cve	twitter.com	Show Tweet
top3cve	twitter.com	Show Tweet
top3cve	twitter.com	Show Tweet
Reza_Akhlaghy	rapid7.com	Show Tweet
Har_sia	har-sia.info	Show Tweet
Andypittaluga	crwdstr.ke	Show Tweet
CERTpy	cert.gov.py	Show Tweet
CERTpy	twitter.com	Show Tweet
ptracesecurity	rapid7.com	Show Tweet
ptracesecurity	twitter.com	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
ipssignatures	twitter.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
Har_sia	har-sia.info	Show Tweet
ipssignatures	twitter.com	Show Tweet
CycuraMX	twitter.com	Show Tweet
phat_hobbit	helpnetsecurity.com	Show Tweet
MalwarePatrol	bleepingcomputer.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
NaderZaveri	crowdstrike.com	Show Tweet
buaqbot	ift.tt	Show Tweet
buaqbot	ift.tt	Show Tweet
inthewildio	inthewild.io	Show Tweet
cbmead	crwdstr.ke	Show Tweet
DeIureNoticias	noticiasseguridad.com	Show Tweet
ZYen_SF	helpnetsecurity.com	Show Tweet
__kokumoto	bleepingcomputer.com	Show Tweet
RobWright22	twitter.com	Show Tweet
chrislopinto	msrc.microsoft.com	Show Tweet
chrislopinto	msrc.microsoft.com	Show Tweet
VulmonFeeds	vulmon.com	Show Tweet
autumn_good_35	blog.viettelcybersecurity.com	Show Tweet
TheHackersNews	thehackernews.com	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
_DrFrusci	thehackernews.com	Show Tweet
IT_news_for_all	thehackernews.com	Show Tweet
IT_news_for_all	t.me	Show Tweet
Swati_THN	thehackernews.com	Show Tweet
TheGhostJapan1	thehackernews.com	Show Tweet
unix_root	thehackernews.com	Show Tweet
_bettercyber_	twitter.com	Show Tweet
_bettercyber_	twitter.com	Show Tweet
security_wang	thehackernews.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
SPCoulson	lnkd.in	Show Tweet
TheHackersNews	thehackernews.com	Show Tweet
_DrFrusci	thehackernews.com	Show Tweet
Har_sia	har-sia.info	Show Tweet
Emmanuel_Anete	thehackernews.com	Show Tweet
Netmedia_mx	zurl.co	Show Tweet
Netmedia_mx	zurl.co	Show Tweet
YourAnonRiots	thehackernews.com	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
Har_sia	har-sia.info	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
HackingTeam1	blog.viettelcybersecurity.com	Show Tweet
HackingTeam1	msrc.microsoft.com	Show Tweet
HackingTeam1	crowdstrike.com	Show Tweet
HackingTeam1	msrc.microsoft.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
Raj_Samani	theregister.com	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
catnap707	cafe-dc.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
ha3ks	cve.mitre.org	Show Tweet
Ransomware_Help	twitter.com	Show Tweet
NobMiwa	thehackernews.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
sneakymonk3y	theregister.com	Show Tweet
secalertsasia	cstu.io	Show Tweet
MachinaRecord	twitter.com	Show Tweet
__kokumoto	us-cert.cisa.gov	Show Tweet
__kokumoto	kev.kokumoto.com	Show Tweet
kawada_syogo225	twitter.com	Show Tweet
hogehuga	cisa.gov	Show Tweet
VulmonFeeds	vulmon.com	Show Tweet
SompoCyber	twitter.com	Show Tweet
catnap707	security-next.com	Show Tweet
catnap707	twitter.com	Show Tweet
iSecurity	dlvr.it	Show Tweet
securityaffairs	securityaffairs.com	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
MalwarePatrol	bleepingcomputer.com	Show Tweet
Alevskey	ift.tt	Show Tweet
shah_sheikh	securityaffairs.com	Show Tweet
TheCyberSecHub	dlvr.it	Show Tweet
thedpsadvisors	securityaffairs.com	Show Tweet
AcooEdi	dlvr.it	Show Tweet
Xc0resecurity	dlvr.it	Show Tweet
daveDFIR	ift.tt	Show Tweet
security_inside	securityaffairs.com	Show Tweet
DarkOperator	ift.tt	Show Tweet
sonnialigao	ift.tt	Show Tweet
profxeni	bit.ly	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
MAlajab	cisa.gov	Show Tweet
MAlajab	twitter.com	Show Tweet
HackerSpyNet1	securityaffairs.com	Show Tweet
GetOppos	smpl.is	Show Tweet
GetOppos	twitter.com	Show Tweet
avoidthehack	cisa.gov	Show Tweet
CSIRT_Telconet	csirt.telconet.net	Show Tweet
CSIRT_Telconet	twitter.com	Show Tweet
foxbook	securityaffairs.com	Show Tweet
bestavbyssg	helpnetsecurity.com	Show Tweet
bestavbyssg	twitter.com	Show Tweet
nucleussec	nucleussec.com	Show Tweet
Whitehead4Jeff	securityaffairs.com	Show Tweet
securityaffairs	securityaffairs.com	Show Tweet
tadmaddad	securityaffairs.com	Show Tweet
di993r	securityaffairs.com	Show Tweet
securityaffairs	securityaffairs.com	Show Tweet
SicurezzaICT	dlvr.it	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
LAFarnum	crwdstr.ke	Show Tweet
IT_news_for_all	msrc.microsoft.com	Show Tweet
IT_news_for_all	t.me	Show Tweet
IT_news_for_all	msrc.microsoft.com	Show Tweet
IT_news_for_all	t.me	Show Tweet
IT_news_for_all	msrc.microsoft.com	Show Tweet
IT_news_for_all	t.me	Show Tweet
ntsuji	cafe-dc.com	Show Tweet
Raj_Samani	rapid7.com	Show Tweet
Raj_Samani	twitter.com	Show Tweet
ColorTokensInc	xcloud.spectrum.colortokens.com	Show Tweet
MachinaRecord	codebook.machinarecord.com	Show Tweet
CVEtrends	cvetrends.com	Show Tweet
CwealthSentinel	bit.ly	Show Tweet
Zephyrusrules	rapid7.com	Show Tweet
Zephyrusrules	twitter.com	Show Tweet
Luicito56221084	rapid7.com	Show Tweet
Luicito56221084	rapid7.com	Show Tweet
MAlajab	bleepingcomputer.com	Show Tweet
MAlajab	twitter.com	Show Tweet
AliensonDaniel	dlvr.it	Show Tweet
security_oso	buff.ly	Show Tweet
ohhara_shiojiri	fortiguard.fortinet.com	Show Tweet
cyb3rops	rapid7.com	Show Tweet
cyb3rops	twitter.com	Show Tweet
RedMapleTweets	ow.ly	Show Tweet
iototsecnews	iototsecnews.jp	Show Tweet
seconize_co	riskscore.info	Show Tweet
seconize_co	twitter.com	Show Tweet
TeamWorxSec	linkedin.com	Show Tweet
Jipe_	crowdstrike.com	Show Tweet