Back to directory

WRITEUP #3497

A New Attack Surface on MS Exchange Part 1 - ProxyLogon!

RCEPrivilege escalation

by@orange_8361(Orange Tsai)

Bounty

200,000

Program

Microsoft

Published

Aug 18, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://devco.re/blog/2021/08/06/a-new-attack-surface-on-MS-exchange-part-1-ProxyLogon/

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

RCEDependency confusion

Attacking PowerShell CLIXML Deserialization

DeserializationInsecure deserialization

Escalating From Reader To Contributor In Azure API Management

Privilege Escalation

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

Built with ❤️ by Shubham Rawat