Exploit for Microsoft Exchange Server ProxyLogon vulnerability CVE-2021-26855

Name: Exploit for Microsoft Exchange Server ProxyLogon vulnerability CVE-2021-26855
Rating: 5 (369 reviews)

2021-03-19 | CVSS 7.5

## https://sploitus.com/exploit?id=SAINT:8E748D4A2FD6DFA108D87FF09FFEF2AE
Added: 03/19/2021  


### Background

Microsoft Exchange is an e-mail server for Microsoft Windows operating systems. 

### Problem

A server-side request forgery vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary commands. 

### Resolution

Apply the patch referenced in Microsoft Advisory [CVE-2021-26855](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855>). 

### References

<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855>  
<https://proxylogon.com/>  


### Limitations

Exploit requires knowledge of an e-mail address on the target mail server. 

Exploit creates a web shell in `\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\test11.aspx` which must be manually removed after a successful exploit. 

### Platforms

Windows