CVE-2022-41082

Description from NVD

Microsoft Exchange Server Remote Code Execution Vulnerability.

Information Acquisition Date:2022-11-18T19:30Z
CVSS 2.0: 0.0 None CVSS 3.x: 8.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

NVD References

 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41082
     source:MISC
     tags:Patch    Vendor Advisory    
 VU#915563
     source:CERT-VN
     tags:Third Party Advisory    US Government Resource    

This vulnerability may involve a PoC.

Description from Forti

Possible New Microsoft Exchange RCE 0-day Being Exploited in the Wild

Information Acquisition Date:2022/10/01

Affected Products

Impact

Recommended Actions

References

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Apache(1 tweets) BIG-IP(1 tweets) Chrome(1 tweets) Exchange(72 tweets) Windows(5 tweets) Wordpress(4 tweets) iOS(1 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://cvetrends.com49
https://nakedsecurity.sophos.com/202218
http://twinybots.ch15
https://thehackernews.com/2022/09/microsoft-confirms-2-new-...10
https://www.helpnetsecurity.com/2022/09/30/cve-2022-41040-c...8
https://www.cisa.gov/known-exploited-vulnerabilities-catalog7
https://www.snort.org/downloads7
https://github.com/revers0id/CVE-2022-41082-PoC6
http://cyberiqs.com/latestnews6
https://tweetedtimes.com/susession?s=tnp6
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2...6
https://www.securityweek.com/microsoft-links-exploitation-e...5
https://securityboulevard.com/2022/10/safebreach-coverage-f...5
https://www.bleepingcomputer.com/news/microsoft/microsoft-c...5
https://ipssignatures.appspot.com/?cve=CVE-2022-410825
https://community.emergingthreats.net/t/regarding-coverage-...5
https://gteltsc.vn/blog/warning-new-attack-campaign-utilize...4
https://www.tenable.com/blog/cve-2022-41040-and-cve-2022-41...4
https://www.microsoft.com/security/blog/2022/09/30/analyzin...4
https://buff.ly/3LSgcQw3
https://xtra.li/3rsmwF13
https://twitter.com/SeguInfo/status/15758290000809205773
http://mi6rogue.com/blog3
https://doublepulsar.com/proxynotshell-the-story-of-the-cla...3
https://www.borncity.com/blog/2022/10/11/exchange-server-ne...3
https://www.wordfence.com/blog/2022/10/two-weeks-of-monitor...3
https://securityaffairs.co/wordpress/138768/hacking/proxyno...3
https://securitytrails.com/blog/zero-day-microsoft-exchange...3
https://www.safebreach.com/resources/blog/safebreach-covera...3
https://securityonline.info/cve-2022-41040-cve-2022-41082-e...3
https://www.vulnmachines.com3
https://blog.segu-info.com.ar/2022/10/vulnerabilidad-critic...3
https://msrc-blog.microsoft.com/2022/09/29/customer-guidanc...3
https://www.zerodayinitiative.com/blog/2022/11/14/control-y...3
https://unit42.paloaltonetworks.com/proxynotshell-cve-2022-...3

▼ Show Information from Twitter(133)


List of frequently cited URLs

URLNum of Times Referred to
cvetrends.com49
nakedsecurity.sophos.com18
twinybots.ch15
thehackernews.com10
www.helpnetsecurity.com8
www.cisa.gov7
www.snort.org7
github.com6
cyberiqs.com6
tweetedtimes.com6
msrc.microsoft.com6
www.securityweek.com5
securityboulevard.com5
www.bleepingcomputer.com5
ipssignatures.appspot.com5
community.emergingthreats.net5
gteltsc.vn4
www.tenable.com4
www.microsoft.com4
buff.ly3
xtra.li3
twitter.com3
mi6rogue.com3
doublepulsar.com3
www.borncity.com3
www.wordfence.com3
securityaffairs.co3
securitytrails.com3
www.safebreach.com3
securityonline.info3
www.vulnmachines.com3
blog.segu-info.com.ar3
msrc-blog.microsoft.com3
www.zerodayinitiative.com3
unit42.paloaltonetworks.com3

▼ Show Information from Twitter(133)


GitHub Search Results: Up to 10
NameURL
mr-r3b00t/NotProxyShellHunter https://github.com/mr-r3b00t/NotProxyShellHunter
Diverto/nse-exchange https://github.com/Diverto/nse-exchange
rjsudlow/proxynotshell-IOC-Checker https://github.com/rjsudlow/proxynotshell-IOC-Checker
ZephrFish/NotProxyShellScanner https://github.com/ZephrFish/NotProxyShellScanner
notareaperbutDR34P3r/http-vuln-CVE-2022-41082 https://github.com/notareaperbutDR34P3r/http-vuln-CVE-2022-41082
trhacknon/CVE-2022-41082-MASS-SCANNER https://github.com/trhacknon/CVE-2022-41082-MASS-SCANNER
west-wind/Threat-Hunting-With-Splunk https://github.com/west-wind/Threat-Hunting-With-Splunk

GitHub Search Results: Up to 10
NameURL
mr-r3b00t/NotProxyShellHunter github.com
Diverto/nse-exchange github.com
rjsudlow/proxynotshell-IOC-Checker github.com
ZephrFish/NotProxyShellScanner github.com
notareaperbutDR34P3r/http-vuln-CVE-2022-41082 github.com
trhacknon/CVE-2022-41082-MASS-SCANNER github.com
west-wind/Threat-Hunting-With-Splunk github.com

2022/12/02 Score : 1
Added Har-sia Database : 2022/09/30
Last Modified : 2022/12/02
Highest Scored Date : 2022/09/30
Highest Score : 146