CVE-2021-28481: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)
Vulnerability Description
Microsoft Exchange Server contains a remote code execution vulnerability caused by improper input validation in the server component, which lets remote attackers execute arbitrary code. Exploitation requires network access to the server.

[Publicly disclosed]

id: CVE-2021-28481

info:
  name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)
  author: daffainfo
  severity: critical
  description: |
    Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server.
  impact: |
    Attackers can execute arbitrary code remotely, potentially leading to full system compromise or data breach
  remediation: |
    Apply the latest security patches and updates provided by Microsoft for Exchange Server
  reference:
    - https://sec.vnpt.vn/2021/04/microsoft-exchange-from-deserialization-to-post-auth-rce-cve-2021-28482
    - https://hitcon.org/2021/agenda/279d7810-e619-4dc3-9113-b11bad5277ec/The%20Proxy%20Era%20of%20Microsoft%20Exchange%20Server.pdf
    - https://www.youtube.com/watch?v=vn4niT9XEIM
    - https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-28481
    - https://nvd.nist.gov/vuln/detail
Affected Scope
Unknown
Remediation
None available yet