ProxyNotShell SSRF — entry point for the two-CVE Exchange RCE chain. Apply November 2022 patches. Enable Extended Protection for Authentication (EPA) as official mitigation before patching. Disable PowerShell Remoting on Exchange if exploitation is a concern.
Microsoft Exchange Server Server-Side Request Forgery (SSRF) Vulnerability. ProxyNotShell entry point allowing authenticated users to trigger SSRF then chain with CVE-2022-41082.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →