CVE-2022-41082

This repository contains a functional PoC for CVE-2022-41082, a post-auth RCE vulnerability in Microsoft Exchange (ProxyNotShell OWASSRF). It includes a Python script to exploit the vulnerability and a PowerShell script (TabShell.ps1) for privilege escalation via CVE-2022-41076.

This repository provides an Nmap NSE script to detect the presence of CVE-2022-41082, a Microsoft Exchange vulnerability. It checks for virtual patching or workarounds but does not include exploit code for achieving RCE.

This repository contains a Python-based PoC for CVE-2022-41082, an OWASSRF vulnerability in Microsoft Exchange servers. The exploit bypasses authentication and executes arbitrary commands via PowerShell, potentially leading to remote code execution (RCE).

This repository provides an Nmap NSE script to scan for CVE-2022-41082, a Microsoft Exchange Server Remote Code Execution Vulnerability. It includes instructions for checking both HTTP and HTTPS endpoints.

This YAML file is a Nuclei template designed to detect CVE-2022-41082, a Microsoft Exchange Server vulnerability, by sending a crafted HTTP request to the autodiscover endpoint and checking for specific response patterns (401 status and 'x-owa-version' header). It does not contain exploit code but serves as a detection mechanism.

This repository contains a functional PoC for CVE-2022-41082, a post-auth RCE vulnerability in Microsoft Exchange (ProxyNotShell OWASSRF). It includes a Python script for exploitation and a PowerShell script (TabShell.ps1) for privilege escalation via CVE-2022-41076.

This repository is a detailed writeup and incident report on an attempted exploitation of CVE-2022-41082, a critical RCE vulnerability in Microsoft Exchange Server. It includes analysis of the attack, mitigation strategies, and detection methods.

This repository provides an Nmap script to scan for CVE-2022-41082, a vulnerability in Microsoft Exchange Server. It does not include exploit code but offers a detection method for both HTTP and HTTPS services.

This Metasploit module exploits CVE-2022-41040 (SSRF) and CVE-2022-41082 (deserialization) to achieve RCE on Microsoft Exchange Server 2019 via authenticated Powershell backend interaction.

This repository contains a Python-based scanner for detecting CVE-2022-40140 and CVE-2022-41082 (NotProxyShell) vulnerabilities in Microsoft Exchange Server. It sends crafted HTTP requests to the target and checks for specific response patterns to determine potential vulnerability.

The repository contains a script that automates domain discovery and Nmap scanning for CVE-2022-41082 (ProxyNotShell) using a custom NSE script. It does not include functional exploit code but aids in vulnerability detection.