ProxyLogon SYSTEM RCE via Exchange Unified Messaging deserialization — chained with CVE-2021-26855 SSRF for full unauthenticated compromise. Apply March 2021 emergency patches and run Microsoft MSERT to detect webshells already deployed.
Microsoft Exchange Server remote code execution vulnerability due to insecure deserialization used by the Unified Messaging service. Part of the ProxyLogon family.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →