Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins An attacker can leverage this vulnerability to escalate privileges to an administrative account ...
Microsoft Exchange Server msExchEcpCanary Cross Site Request Forgery Elevation of Privilege Vulnerability
This is a Proof of Concept for CVE-2021-24085
pocpy downloads the targets cert file with private key inside
YellowCanary generates the msExchEcpCanary csrf token for a specific user based on the SID
pocjs is the csrf exploit to trigger an account takeover
I have not pr