CVEs-PoC/2020/CVE-2020-16875.md at dc6e2cf7158eeb24cfecb4d64f4f1da9a8a732e2

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-06-05 23:16:42 +02:00

Files

T

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.

An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. Exploitation of the vulnerability requires an authenticated user in a certain Exchange role to be compromised.

The security update addresses the vulnerability by correcting how Microsoft Exchange handles cmdlet arguments.

POC

Reference

http://packetstormsecurity.com/files/159210/Microsoft-Exchange-Server-DlpUtils-AddTenantDlpPolicy-Remote-Code-Execution.html

Github

https://github.com/404notf0und/CVE-Flow
https://github.com/ARPSyndicate/cvemon
https://github.com/Cheroxx/Patch-Tuesday-Updates
https://github.com/EdgeSecurityTeam/Vulnerability
https://github.com/EvilAnne/2020-Read-article
https://github.com/FDlucifer/Proxy-Attackchain
https://github.com/HackingCost/AD_Pentest
https://github.com/SexyBeast233/SecBooks
https://github.com/alphaSeclab/sec-daily-2020
https://github.com/hktalent/bug-bounty
https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest
https://github.com/mdisec/mdisec-twitch-yayinlari
https://github.com/r0eXpeR/redteam_vul
https://github.com/tzwlhack/Vulnerability

2.2 KiB Raw Blame History

CVE-2020-16875

Description

POC

Reference

Github

2.2 KiB

Raw Blame History