.. / CVE-2021-34473

Exploit for Exchange Server - Remote Code Execution (CVE-2021-34473)

Description:

Microsoft Exchange Server is vulnerable to a remote code execution vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.

Nuclei Template

View the template here CVE-2021-34473.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2021/CVE-2021-34473.yaml

References:

https://peterjson.medium.com/reproducing-the-proxyshell-pwn2own-exploit-49743a4ea9a1
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34473
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34473
https://nvd.nist.gov/vuln/detail/CVE-2021-34473
https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html