{"vulnerability": "CVE-2021-33766", "sightings": [{"uuid": "2d0352eb-f246-4c37-953f-f6845d2f9b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "731942f9-8e3d-453b-b7e2-c25159bfe244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "MISP/00164a7c-c08c-4000-8374-dfedac15ec01", "content": "", "creation_timestamp": "2024-11-14T06:09:51.000000Z"}, {"uuid": "191c12d4-8850-4ede-a9b4-7516e29bd469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://msrc.microsoft.com/blog/2021/04/april-2021-update-tuesday-packages-now-available/", "content": "", "creation_timestamp": "2021-04-13T05:00:00.000000Z"}, {"uuid": "45ad9750-5324-444d-b7e1-193200162f8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:30.000000Z"}, {"uuid": "700f4c9f-97e6-420c-a47b-a39107ac21de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971218", "content": "", "creation_timestamp": "2024-12-24T20:26:02.677051Z"}, {"uuid": "7ebc4d8d-940d-49fa-a926-a9d2f55990f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m344f7j7me2e", "content": "", "creation_timestamp": "2025-10-13T21:02:40.197542Z"}, {"uuid": "b6344682-89d6-4eea-ae34-6c3c79260d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-33766.yaml", "content": "", "creation_timestamp": "2025-10-10T11:00:42.000000Z"}, {"uuid": "4e0b53c1-28d9-4415-9eb1-192985bbcc74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/439", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit\nURL\uff1ahttps://github.com/bhdresh/CVE-2021-33766-ProxyToken", "creation_timestamp": "2021-08-31T22:58:45.000000Z"}, {"uuid": "174db2da-b4cf-4bdf-aeec-7f6bae4a15e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-33766", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/cdd0509c-13a8-434f-b6b7-ee739c352653", "content": "", "creation_timestamp": "2026-02-02T12:28:27.586943Z"}, {"uuid": "46111bd4-58f4-486d-b3cd-e4196ba4c1b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/691", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit\nURL\uff1ahttps://github.com/bhdresh/CVE-2021-33766", "creation_timestamp": "2021-10-14T12:35:09.000000Z"}, {"uuid": "93a8f89f-5ccd-4c75-b777-27c3bc72e2de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/532", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-33766-poc\nURL\uff1ahttps://github.com/demossl/CVE-2021-33766-ProxyToken", "creation_timestamp": "2021-09-15T09:20:05.000000Z"}, {"uuid": "e322aa6d-c0c8-4ea5-ae81-601cad0899c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/530", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-33766-poc\nURL\uff1ahttps://github.com/demossl/CVE-2021-33766-ProxyToken-", "creation_timestamp": "2021-09-15T09:11:04.000000Z"}, {"uuid": "19deac40-f276-46da-a98c-8359a337d145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://t.me/cKure/6874", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 The bug (CVE-2021-33766) is an information-disclosure issue that could reveal victims' personal information, sensitive company data and more.\n\nhttps://threatpost.com/microsoft-exchange-proxytoken-email/169030/", "creation_timestamp": "2021-08-30T21:16:05.000000Z"}, {"uuid": "956eb00e-1718-4005-985b-9daf0f20bef5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://t.me/codeby_sec/4912", "content": "\u200b\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2021-33766) \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Microsoft Exchange Server, \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c ProxyToken, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435.\n\nMicrosoft Exchange \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u0432\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430:  \u0432\u043d\u0435\u0448\u043d\u0438\u0439 - \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044e\u0442\u0441\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u0435, \u0438 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 - \u0441\u0430\u0439\u0442, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0438\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c \"Delegated Authentication\", \u043a\u043e\u0433\u0434\u0430 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u0441\u0430\u0439\u0442 \u043f\u0435\u0440\u0435\u0434\u0430\u0435\u0442 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439. Exchange \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043d \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 (\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043c\u043e\u0434\u0443\u043b\u044c, \u043e\u0442\u0432\u0435\u0447\u0430\u044e\u0449\u0438\u0439 \u0437\u0430 \u044d\u0442\u043e, (\"DelegatedAuthModule\") \u043d\u0435 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d).\n\n\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0438\u043c\u0435\u0435\u0442 \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u043d\u0430 \u0442\u043e\u043c \u0436\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Exchange, \u0447\u0442\u043e \u0438 \u0436\u0435\u0440\u0442\u0432\u0430. \u041e\u0434\u043d\u0430\u043a\u043e, \u0435\u0441\u043b\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u0435\u0440\u0435\u0441\u044b\u043b\u043a\u0438 \u0441 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u043c\u0438 \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438, \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u043e\u043e\u0431\u0449\u0435 \u043d\u0435 \u043d\u0443\u0436\u043d\u044b.\n\n\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n#infosec #microsoft #exploit", "creation_timestamp": "2021-08-31T11:43:15.000000Z"}, {"uuid": "b1f1aa5d-ba3a-4f6c-adb0-602e8d126d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7606", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 POC Exploit for CVE-2021-33766 (ProxyToken).\n\nhttps://github.com/bhdresh/CVE-2021-33766", "creation_timestamp": "2021-10-14T13:23:38.000000Z"}, {"uuid": "1decac23-98f1-43bd-bc1c-988488be403c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://t.me/arpsyndicate/1329", "content": "#ExploitObserverAlert\n\nCVE-2021-33766\n\nDESCRIPTION: Exploit Observer has 17 entries related to CVE-2021-33766. Microsoft Exchange Information Disclosure Vulnerability\n\nFIRST-EPSS: 0.930380000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T23:14:42.000000Z"}, {"uuid": "27ec8c2a-6e70-4530-8949-b3c6a76646f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/438", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server POC exploit\nURL\uff1ahttps://github.com/bhdresh/CVE-2021-33766-ProxyToken-", "creation_timestamp": "2021-08-31T22:54:11.000000Z"}, {"uuid": "bdc0695d-715d-439e-ab5c-84d829569b20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/186", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-18T23:06:09.000000Z"}, {"uuid": "efbbc40d-c913-49b9-8576-38c2454cffb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/18", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:14:31.000000Z"}, {"uuid": "84950e06-b261-4dd3-93a1-3a04d4f84286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4189", "content": "#Threat_Research\n1. New Annke Vulnerability Shows Risks of IoT Security Camera Systems\nhttps://www.nozominetworks.com/blog/new-annke-vulnerability-shows-risks-of-iot-security-camera-systems\n2. ProxyToken:\nAn Authentication Bypass in Microsoft Exchange Server (CVE-2021-33766)\nhttps://www.zerodayinitiative.com/blog/2021/8/30/proxytoken-an-authentication-bypass-in-microsoft-exchange-server", "creation_timestamp": "2021-09-01T05:02:52.000000Z"}, {"uuid": "077e199d-88ac-47b1-88bb-5fb936725453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/276", "content": "ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server #poc exploit\nhttps://github.com/bhdresh/CVE-2021-33766\n\n#poc CVE-2021-37980 : Inappropriate implementation in Sandbox (windows only)\nhttps://github.com/ZeusBox/CVE-2021-37980\n\nMy take on CVE-2021-30858 #poc for ps4 8.xx It's just a POC\nhttps://github.com/PeterMxx/ps4_8.00_vuln_poc\n\nA simple Python proof of concept for CVE-2021-38295\nhttps://github.com/ProfessionallyEvil/CVE-2021-38295-PoC\n\napache httpd path traversal checker(CVE-2021-41773 / CVE-2021-42013)\nhttps://github.com/theLSA/apache-httpd-path-traversal-checker", "creation_timestamp": "2021-10-15T12:57:52.000000Z"}, {"uuid": "1ee04f8a-70ee-4b73-9885-19a41968cb95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://t.me/true_secator/2054", "content": "\u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043d\u043e\u0432\u044b\u0435 \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u044b, \u0438\u043b\u0438 \u0442\u043e\u0447\u043d\u0435\u0435 \u0432\u044b\u0440\u0430\u0437\u0438\u043c\u0441\u044f, \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u043e\u0442\u043a\u0440\u044b\u043b\u0438\u0441\u044c \u043f\u0435\u0440\u0435\u0434 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u0438\u043c\u0447\u0438\u0432\u044b\u043c\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Zero-Day Initiative.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u044c\u0435\u0442\u043d\u0430\u043c\u0441\u043a\u0438\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u041b\u0435 \u0421\u0443\u0430\u043d\u043e\u043c \u0422\u0443\u0435\u043d\u043e\u043c \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 VNPT ISC \u0432 \u043c\u0430\u0440\u0442\u0435 2021 \u0433\u043e\u0434\u0430. \u0421\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0438\u044e\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0442\u0430\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Microsoft Exchange Server, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0443\u0441\u043b\u043e\u0432\u043d\u043e\u0435 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 ProxyToken (CVE-2021-33766). \n\n\u0411\u0430\u0433\u0430 \u043f\u043e \u043f\u0440\u043e\u0433\u043d\u043e\u0437\u0430\u043c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u043e\u0432, \u0434\u043e\u043b\u0436\u043d\u0430 \u043d\u0430\u0447\u0430\u0442\u044c \u0442\u0430\u043a\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043a\u0430\u043a \u0438 ProxyShell.\n\nProxyToken \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0445 \u044f\u0449\u0438\u043a\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0433\u0434\u0435 \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u043f\u0435\u0440\u0435\u0441\u044b\u043b\u043a\u0438 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b \u0438 \u0432\u043d\u043e\u0441\u0438\u0442\u044c \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u043f\u0430\u043d\u0435\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Exchange (ECP), \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440 \u043c\u043e\u0436\u0435\u0442 \u0437\u0435\u0440\u043a\u0430\u043b\u0438\u0442\u044c \u043f\u043e\u0447\u0442\u043e\u0432\u044b\u0439 \u0442\u0440\u0430\u0444\u0438\u043a. \n\n\u041c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u043e\u0448\u0438\u0431\u043a\u0438 \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 \u0434\u0435\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0435 \u043d\u0435\u043f\u0443\u0441\u0442\u043e\u0439 \u0444\u0430\u0439\u043b cookie \u0441 \u0438\u043c\u0435\u043d\u0435\u043c \u00abSecurityToken\u00bb \u0441 \u0432\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 (\u0441\u0430\u0439\u0442 Microsoft Exchange, Outlook Web Access, Exchange Control Panel)  \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0439 (Exchange Back End). \u042d\u0442\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u0438 \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 HTTP 500, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0435\u0439 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u0443\u044e \u0441\u0442\u0440\u043e\u043a\u0443, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u0443\u044e \u0434\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0432\u044b\u0434\u0430\u0447\u0438 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u0430.\n\n\u0416\u0434\u0435\u043c \u043f\u0435\u0440\u0432\u044b\u0445 \u043b\u0430\u0441\u0442\u043e\u0447\u0435\u043a: \u043e\u0442 \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0439 \u043f\u0435\u0440\u043b\u044e\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u0434\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0441 \u043f\u0440\u0435\u0440\u044b\u0432\u0438\u0441\u0442\u043e\u0439 \u043f\u043e\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u043e\u0439.", "creation_timestamp": "2021-08-31T12:01:17.000000Z"}, {"uuid": "d5bba683-ef68-4722-bffd-519482478466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://t.me/cibsecurity/28015", "content": "\u274c Microsoft Exchange \u2018ProxyToken\u2019 Bug Allows Email Snooping \u274c\n\nThe bug (CVE-2021-33766) is an information-disclosure issue that could reveal victims' personal information, sensitive company data and more.\n\n\ud83d\udcd6 Read\n\nvia \"Threat Post\".", "creation_timestamp": "2021-08-30T20:48:52.000000Z"}, {"uuid": "f1b37eeb-4b90-4c7f-b0ea-ca5ea8666e76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "seen", "source": "https://t.me/thehackernews/1475", "content": "Unauthenticated attackers could exploit a new vulnerability \u2014 dubbed ProxyToken, CVE-2021-33766 \u2014 in Microsoft Exchange servers to change mailbox settings and spy on email.\n\nRead details: https://thehackernews.com/2021/08/new-microsoft-exchange-proxytoken-flaw.html", "creation_timestamp": "2021-08-31T05:36:40.000000Z"}, {"uuid": "0eec15fc-04b3-4a15-acd3-a1571543d962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4521", "content": "#exploit\n1. CVE-2021-33766:\nProxyToken - An Authentication Bypass in Microsoft Exchange Server PoC exploit\nhttps://github.com/bhdresh/CVE-2021-33766\n\n2. CVE-2021-38295:\nA simple Python PoC\nhttps://github.com/ProfessionallyEvil/CVE-2021-38295-PoC/commits/main", "creation_timestamp": "2021-10-15T11:07:01.000000Z"}, {"uuid": "39bb4226-aa24-4d0f-8da0-399ff6156c17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-33766", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/19", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:15:23.000000Z"}]}