This Metasploit module exploits a .NET serialization vulnerability in the Exchange Control Panel (ECP) web page. The vulnerability is due to Microsoft Exchange Server not randomizing the keys on a per-installation basis resulting in them using the same validationKey and decryptionKey values. With knowledge of these, values an attacker can craft a special viewstate to cause an OS command to be executed by NT_AUTHORITY\SYSTEM using .NET deserialization.
9ba178072e43dcc78183e17a6aebcaa356ad487774d5b60829b0623367acc1fbMicrosoft Exchange 2019 version 15.2.221.12 suffers from an authenticated remote code execution vulnerability.
2209d610405eecbd97899d9712efd45c455cffc7e713903504d884634ddf470f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed