漏洞描述
Microsoft Exchange Server是微软公司的一套电子邮件服务组件。2021年8月5日,安全研究员在国外安全会议上公开了CVE-2021-34473 Microsoft ExchangeServer 远程代码执行漏洞分析及其POC。攻击者利用该漏洞可绕过相关权限验证,进而配合其他漏洞可执行任意代码,控制Microsoft ExchangeServer。
Microsoft Exchange ACL绕过漏洞(CVE-2021-34473)
PoC代码
暂无相关漏洞推荐
- (CVE-2025-53770)Microsoft SharePoint Server反序列化漏洞允许远程代码执行
- POC CVE-2019-0604: Microsoft SharePoint - Remote Code Execution
- POC CVE-2020-0646: Microsoft .NET Framework - Remote Code Execution
- POC CVE-2000-0114: Microsoft FrontPage Extensions - Information Disclosure
- POC CVE-2008-1547: Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection
- POC CVE-2015-1635: Microsoft Windows 'HTTP.sys' - Remote Code Execution
- POC CVE-2020-0618: Microsoft SQL Server Reporting Services - Remote Code Execution
- POC CVE-2020-16952: Microsoft SharePoint - Remote Code Execution
- POC CVE-2021-26855: Microsoft Exchange Server SSRF Vulnerability
- POC CVE-2021-31195: Microsoft Exchange Server - Cross-Site Scripting
- POC CVE-2021-34473: Exchange Server - Remote Code Execution
- POC CVE-2021-38647: Microsoft Open Management Infrastructure - Remote Code Execution
- POC CVE-2021-41349: Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting