Exploit for #VU51168 Input validation error in Microsoft Exchange Server

Cybersecurity Help s.r.o.

Published: 2021-03-18 | Updated: 2022-06-27

Vulnerability identifier: #VU51168

Vulnerability risk: Critical

CVSSv4.0: 8.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2021-27065

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 13

June 27, 2022
- ProxyLogon (ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)) [Github]
September 12, 2021
- ProxyVulns ([ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2021-34523 & CVE-2021-31207 Exploit Chains.) [Github]
August 18, 2021
- ExchangeSSRFtoRCEExploit (CVE-2021-26855 & CVE-2021-27065) [Github]
June 17, 2021
- Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit) [Exploit-DB]
June 10, 2021
- ProxyLogon (ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth [Github]
June 6, 2021
- exchange_proxylogon (Module pack for #ProxyLogon (part. of my contribute for Metasploit-Framework) [CVE-2021-26855 && CVE-2021-27065]) [Github]
May 26, 2021
- proxylogscan (A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).) [Github]
May 24, 2021
- CVE-2021-26855 (CVE-2021-26855 exp) [Github]
May 9, 2021
- Microsoft Exchange ProxyLogon RCE [Metasploit]
April 16, 2021
- ProxyLogon (CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit) [Github]
April 1, 2021
- exprolog (ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)) [Github]
March 26, 2021
- proxylogon-exploit (Proof-of-concept exploit for CVE-2021-26855 and CVE-2021-27065. Unauthenticated RCE in Exchange.) [Github]
March 18, 2021
- ProxyLogon (ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)) [Github]

Vulnerable software:
Microsoft Exchange Server
Server applications / Mail servers

Vendor: Microsoft