Blog of Viettel Cyber Security
  • Home
  • About Us
  • News
  • Threats
  • Researches
Subscribe
Tagged

Microsoft Exchange

A collection of 2 posts

The OWASSRF + TabShell exploit chain
Researches

The OWASSRF + TabShell exploit chain

We see that one of our vulnerabilities is exploited in the wild Link. So we decided to public the detail analysis of our two bug chain. Any customer has enough information to mitigate these bugs. The vendor also released all patches two weeks ago. This blog post shares the detail

rskvp93 Dec 26, 2022 • 9 min read
Pwn2Own 2021 Microsoft Exchange Exploit Chain
Researches

Pwn2Own 2021 Microsoft Exchange Exploit Chain

VULNERABILITY TITLE Microsoft Exchange Unauthenticated SSRF in Autodiscover frontend service combined with Authentication Bypass in Powershell Backend service and Arbitrary File Write in OAB backend service lead to Remote Code Execution VULNERABILITY SUMMARY The chains of 3 vulnerablity allows remote attackers to write a webshell and execute arbitrary code on

rskvp93 Jun 23, 2022 • 11 min read
Blog of Viettel Cyber Security © 2023
Powered by Ghost