ProxyNotShell Exchange RCE chained with SSRF (CVE-2022-41040). Apply October 2022 Exchange patches and enable Extended Protection for Authentication. Monitor for webshell activity in Exchange IIS logs.
Microsoft Exchange Server Remote Code Execution Vulnerability allowing an authenticated attacker to trigger malicious code in the context of the server account via a network call.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →