ProxyLogon file write — chained with CVE-2021-26855 for full unauthenticated RCE and webshell deployment. Mass-exploited by 10+ APT groups in 2021. Check for China Chopper and similar webshells in Exchange OWA directories.
Microsoft Exchange Server remote code execution vulnerability as part of the ProxyLogon chain allowing unauthenticated attackers to write files to arbitrary paths.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →