module
Microsoft Exchange ProxyShell RCE
| Disclosed |
|---|
| Apr 6, 2021 |
Disclosed
Apr 6, 2021
Description
This module exploits a vulnerability on Microsoft Exchange Server that
allows an attacker to bypass the authentication (CVE-2021-31207), impersonate an
arbitrary user (CVE-2021-34523) and write an arbitrary file (CVE-2021-34473) to achieve
the RCE (Remote Code Execution).
By taking advantage of this vulnerability, you can execute arbitrary
commands on the remote Microsoft Exchange Server.
This vulnerability affects Exchange 2013 CU23
Exchange 2016 CU19 Exchange 2019 CU8
All components are vulnerable by default.
allows an attacker to bypass the authentication (CVE-2021-31207), impersonate an
arbitrary user (CVE-2021-34523) and write an arbitrary file (CVE-2021-34473) to achieve
the RCE (Remote Code Execution).
By taking advantage of this vulnerability, you can execute arbitrary
commands on the remote Microsoft Exchange Server.
This vulnerability affects Exchange 2013 CU23
Exchange 2016 CU19 Exchange 2019 CU8
All components are vulnerable by default.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.