Tech Editorials #Advisory #CVE #RCE #Exchange #Pwn2Own

A New Attack Surface on MS Exchange Part 3 - ProxyShell!

Orange Tsai 2021-08-22

This is a guest post DEVCORE collaborated with Zero Day Initiative (ZDI) and published at their blog, which describes the exploit chain we demonstrated at Pwn2Own 2021! Please visit the following link to read that :)

If you are interesting in more Exchange Server attacks, you can also check our series of articles:

With ProxyShell, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server through an exposed 443 port! Here is the demonstration video: