{"vulnerability": "CVE-2022-41040", "sightings": [{"uuid": "1e638b75-8c4a-4602-865e-08974f465f33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://www.thezdi.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty", "content": "", "creation_timestamp": "2024-09-05T15:39:37.000000Z"}, {"uuid": "67e4dd95-e88d-4575-814b-c46bccfab5a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "b8b11a36-9e33-42fa-ba5a-aba6b7e72104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "MISP/ad5af8e7-0c4c-4b64-b36d-1c80910c1140", "content": "", "creation_timestamp": "2023-06-23T06:19:27.000000Z"}, {"uuid": "4f3b0151-1fc7-4d1d-8ff5-fc20efbe331c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://msrc.microsoft.com/blog/2022/09/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/", "content": "", "creation_timestamp": "2022-09-30T05:00:00.000000Z"}, {"uuid": "c792aeb9-5002-41f1-8d26-b18f4d552f05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971720", "content": "", "creation_timestamp": "2024-12-24T20:33:13.920712Z"}, {"uuid": "a9d69f2b-c0dd-4fe6-8a76-44122718d40d", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971721", "content": "", "creation_timestamp": "2024-12-24T20:33:14.710897Z"}, {"uuid": "0bde2c8e-a2be-4f8d-a303-a8b85ea5d5c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "12d26dab-811c-4a34-a88a-f51229ff42f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:49.000000Z"}, {"uuid": "b0b66544-4bd1-4a36-b1a1-43037a243b8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:39.000000Z"}, {"uuid": "d9d7cfa8-85d0-46ed-84ee-b48326bf9ac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://bsky.app/profile/crowdsec.bsky.social/post/3logakjmvec2o", "content": "", "creation_timestamp": "2025-05-05T11:16:23.484290Z"}, {"uuid": "9d6d90c8-a519-4330-9b33-dcc56218d6f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": 
"https://bsky.app/profile/crowdsec.bsky.social/post/3logaklhehc2o", "content": "", "creation_timestamp": "2025-05-05T11:16:24.666184Z"}, {"uuid": "2efc2b87-f52c-4a77-8988-972d8e948e61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://bsky.app/profile/crowdsec.bsky.social/post/3logaklulck2o", "content": "", "creation_timestamp": "2025-05-05T11:16:25.804132Z"}, {"uuid": "1964e5f7-b2ce-4710-bbf7-4e1c5b7e97b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://bsky.app/profile/crowdsec.bsky.social/post/3logaklunb22o", "content": "", "creation_timestamp": "2025-05-05T11:16:26.927965Z"}, {"uuid": "f37b0e11-1a93-42fc-9ae2-7936ef939625", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://bsky.app/profile/crowdsec.bsky.social/post/3logakmi5bs2o", "content": "", "creation_timestamp": "2025-05-05T11:16:28.092983Z"}, {"uuid": "d93675b4-60b8-4796-9444-161ab8de509a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/exchange_proxynotshell_rce.rb", "content": "", "creation_timestamp": "2022-11-30T17:43:21.000000Z"}, {"uuid": "989c1a9d-4044-48a2-a25d-f768dc9e0995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://gist.github.com/dcaddick/226adcebb2de27acf9f0c71fd785dc97", "content": "", "creation_timestamp": 
"2025-11-04T07:17:42.000000Z"}, {"uuid": "919ed270-faf6-4ac8-a182-1eaf1f79681c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://www.cert.at/de/warnungen/2022/11/0-day-exploit-remote-code-execution-in-microsoft-exchange-on-premise-workaround-verfugbar", "content": "", "creation_timestamp": "2022-09-30T07:47:10.000000Z"}, {"uuid": "a7ac574f-402b-4472-bc24-9cbac9e5b356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_14/2022", "content": "", "creation_timestamp": "2022-09-30T08:40:20.000000Z"}, {"uuid": "b3cc28ee-37d5-460e-b648-14266431d79b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "a37e6d2d-4b51-41fe-9854-f1ff6e92d354", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=883", "content": "", "creation_timestamp": "2022-09-30T04:00:00.000000Z"}, {"uuid": "b12a10b8-cedc-4739-ae6d-64396dd476f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=913", "content": "", "creation_timestamp": "2022-11-09T04:00:00.000000Z"}, {"uuid": "37423d56-64b5-4f59-818f-67117f68e549", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/51242530-97c6-45a1-8bf8-51ba025e0039", "content": "", "creation_timestamp": "2026-02-02T12:27:12.085473Z"}, {"uuid": "5243b38f-9c30-44a3-aeff-3b36d65e6cd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/BleepingComputer/13803", "content": "\u200aMicrosoft Exchange server zero-day mitigation can be bypassed\n\nMicrosoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premise servers is far from enough. [...]\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-exchange-server-zero-day-mitigation-can-be-bypassed/", "creation_timestamp": "2022-10-03T15:00:52.000000Z"}, {"uuid": "03e56d78-00f5-4ae7-92ee-0baf6720e674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10436", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Working PoC for CVE-2022-41040 and CVE-2022-41082 (A.K.A ProxyNotShell).\n\nhttps://github.com/testanull/ProxyNotShell-PoC", "creation_timestamp": "2022-11-18T07:18:00.000000Z"}, {"uuid": "db6ca9be-db95-46fb-aeb6-c1c0072ba6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10273", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 CVE-2022-41040 \n\nffuf -w \"urllist.txt:URL\" -u 
\"https://URL/autodiscover/autodiscover.json?@URL/&amp;Email=autodiscover/autodiscover.json%3f@URL\" -mr \"IIS Web Core\" -r\n\n404 --&gt; vulnerable\n\nSource: Twitter.", "creation_timestamp": "2022-10-04T08:15:00.000000Z"}, {"uuid": "e96f041b-d36d-436f-9409-a4a3b35e3474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/BleepingComputer/13806", "content": "Latest news and stories from BleepingComputer.com\nMicrosoft Exchange server zero-day mitigation can be bypassed\n\nMicrosoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premise servers is far from enough. [...]", "creation_timestamp": "2022-10-03T17:05:41.000000Z"}, {"uuid": "2a814648-e9d4-41fd-846d-ad67c4d8c7ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/BleepingComputer/13830", "content": "Latest news and stories from BleepingComputer.com\nMicrosoft updates mitigation for ProxyNotShell Exchange zero days\n\nMicrosoft has updated the mitigation for the latest Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, also referred to ProxyNotShell. 
[...]", "creation_timestamp": "2022-10-05T13:37:55.000000Z"}, {"uuid": "d5339bf7-e7dc-4297-9c3b-588b1be25516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/BleepingComputer/13828", "content": "\u200aMicrosoft updates mitigation for ProxyNotShell Exchange zero days\n\nMicrosoft has updated the mitigation for the latest Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, also referred to ProxyNotShell. [...]\n\nhttps://www.bleepingcomputer.com/news/security/microsoft-updates-mitigation-for-proxynotshell-exchange-zero-days/", "creation_timestamp": "2022-10-05T14:05:01.000000Z"}, {"uuid": "7c1aa923-51ae-426f-bf2f-25030ac0ffbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3095", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1awriteup and PoC for (CVE-2022-41082/CVE-2022-41040) aka ProxyNotShell\nURL\uff1ahttps://github.com/stat1st1c/CVE-2022-41082-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-23T03:21:15.000000Z"}, {"uuid": "1fb69d21-f494-4192-920a-6c1f91525e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/GithubRedTeam/3511", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1awriteup and PoC for (CVE-2022-41082/CVE-2022-41040) aka ProxyNotShell\nURL\uff1ahttps://github.com/Adynervi/CVE-2022-41082-RCE-PoC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": 
"2024-06-29T09:46:10.000000Z"}, {"uuid": "1f525c2e-4c3c-4ad5-a0d6-4161a6a5874b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7175", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41040\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Exchange Server Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2022-10-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-11T16:10:48.981Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040", "creation_timestamp": "2025-03-11T16:40:29.000000Z"}, {"uuid": "cb69269e-3442-4eb5-b1af-e17aed3c0386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/poxek/2631", "content": "\u041d\u0438\u043a\u0442\u043e \u043d\u0435 \u0436\u0434\u0430\u043b \u0438 \u0432\u043e\u0442 \u043e\u043f\u044f\u0442\u044c!\n\nMicrosoft Exchange 0days:\nCVE-2022-41040\nCVE-2022-41082\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435\n\n#CVE", "creation_timestamp": "2022-12-20T07:13:25.000000Z"}, {"uuid": "e4c13500-7e7b-4471-bde6-4dd9262f28fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/monkey_hacker/28", "content": "\u0420\u0430\u043d\u043e\u0432\u0430\u0442\u043e, \u043d\u043e \u0442\u0430\u043a\u0438 \u0434\u0430\n\u0422\u041e\u041f 10 \u0438\u0437 2022\n\n1. Follina (CVE-2022-30190)\n2. Log4Shell (CVE-2021-44228)\n3. Spring4Shell (CVE-2022-22965)\n4. 
F5 BIG-IP (CVE-2022-1388)\n5. Google Chrome zero-day (CVE-2022-0609)\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n10. Zyxel RCE vulnerability (CVE-2022-30525)", "creation_timestamp": "2022-11-29T07:00:36.000000Z"}, {"uuid": "6554ca93-6119-4f88-8f09-ec0328ff88bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/382", "content": "\u200b\u200bCVE-2022-41040-metasploit-ProxyNotShell\n\nthe metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.\n\nhttps://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell", "creation_timestamp": "2022-10-21T10:54:19.000000Z"}, {"uuid": "a1c95acd-a050-4ce7-ae45-526dd9b04420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/arm1tage/385", "content": "\ud83d\udca3 ProxyNotShell PoC\n\nProxyNotShell this is a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery vulnerability (CVE-2022-41040) and a second vulnerability that allows Remote Code Execution (CVE-2022-41082) when PowerShell is available on the Exchange Server.\n\nResearch:\nhttps://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend\n\nNmap 
Checker:\nhttps://github.com/CronUp/Vulnerabilidades/blob/main/proxynotshell_checker.nse\n\nPoC:\nhttps://github.com/testanull/ProxyNotShell-PoC\n\n#exchange #proxynotshell #ssrf #rce", "creation_timestamp": "2023-01-10T18:22:25.000000Z"}, {"uuid": "df289d72-2699-4c34-b203-1261572f026b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/package_security/17", "content": "\u200b\ud83c\udfc6 \u0418\u0442\u043e\u0433\u0438 \u0433\u043e\u0434\u0430\n\n\u041d\u0430\u0441\u0442\u0430\u043b\u043e \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u044c \u043e \u0440\u0430\u0431\u043e\u0447\u0435\u043c \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u0435.\n2\u043a22 \u0433\u043e\u0434 \u043d\u0430\u043a\u043e\u043d\u0435\u0446-\u0442\u043e \u043f\u043e\u0434\u0445\u043e\u0434\u0438\u0442 \u043a \u043a\u043e\u043d\u0446\u0443, \u0430 \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442, \u0447\u0442\u043e \u043f\u043e\u0440\u0430 \u043f\u043e\u0434\u0432\u043e\u0434\u0438\u0442\u044c \u0438\u0442\u043e\u0433\u0438.\n\n\u0423 \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u043e\u0432, \u043a\u0430\u043a \u0438 \u0432\u0441\u0435\u0433\u0434\u0430, \u0438\u0442\u043e\u0433\u0438 \u0441\u0432\u043e\u0438. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0434\u0435\u0440\u0436\u0438\u0442\u0435 \u0422\u041e\u041f-10 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 2022 \u0433\u043e\u0434\u0443 \u043f\u043e \u0432\u0435\u0440\u0441\u0438\u0438 Cyber Threat Intelligence:\n\n1. Follina (CVE-2022-30190) \n\n2. Log4Shell (CVE-2021-44228) \n\n3. Spring4Shell (CVE-2022-22965) \n\n4. 
F5 BIG-IP (CVE-2022-1388) \n\n5. Google Chrome zero-day (CVE-2022-0609) \n\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882) \n\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040) \n\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352) \n\n9. Atlassian Confluence RCE flaw (CVE-2022-26134) \n\n10. Zyxel RCE vulnerability (CVE-2022-30525)\n\n\u0411\u0443\u0434\u044c\u0442\u0435 \u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u044b, \u0431\u0435\u0440\u0435\u0433\u0438\u0442\u0435 \u0441\u0435\u0431\u044f \u0438 \u0432\u0430\u0448\u0438 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\nP.S. \u041d\u0438\u0436\u0435 \u0435\u0441\u0442\u044c \u043f\u0438\u043a\u0447\u0430 \u0441 \u043d\u0430\u0433\u043b\u044f\u0434\u043d\u044b\u043c\u0438 \u0438\u043a\u043e\u043d\u043a\u0430\u043c\u0438\n\n#\u041f\u043e\u043b\u0435\u0437\u043d\u043e\u0435\n\n\u041f\u0430\u043a\u0435\u0442 \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438", "creation_timestamp": "2022-12-16T15:56:36.000000Z"}, {"uuid": "09e9eb54-8949-4daa-a9ef-276c9d8efb15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4821", "content": "\u0418 \u043f\u043e \u043d\u0430\u0432\u043e\u0434\u043a\u0435 \u0447\u0438\u0442\u0430\u0442\u0435\u043b\u044f, \u043d\u043e\u0432\u044b\u0439 zero-day \u0432 Exchange \n\nhttps://www.gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html\n\nhttps://www.helpnetsecurity.com/2022/09/30/cve-2022-41040-cve-2022-41082/\n\nhttps://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/", "creation_timestamp": "2022-09-30T11:57:01.000000Z"}, {"uuid": "7bb70dc1-6929-4b39-bdd2-283acd9781c6", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/ctinow/82459", "content": "CVE-2022-41040 and CVE-2022-41082 \u2013 zero-days in MS Exchange\n\nhttps://ift.tt/rXF7j6W", "creation_timestamp": "2022-12-19T17:21:10.000000Z"}, {"uuid": "2a9a7a55-b067-45cc-9c5d-2e1c8d09078e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/ctinow/66711", "content": "Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082\n\nhttps://ift.tt/PewulYV", "creation_timestamp": "2022-10-01T06:36:14.000000Z"}, {"uuid": "ecdc91dc-c457-4636-b2d7-e54f7d35ce8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/ctinow/66530", "content": "Two Microsoft Exchange zero-days exploited by attackers (CVE-2022-41040, CVE-2022-41082)\n\nhttps://ift.tt/gc8yB5j", "creation_timestamp": "2022-09-30T12:16:59.000000Z"}, {"uuid": "f3ce014a-072b-471d-9f0b-46f70b08c5b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/ctinow/69007", "content": "Acronis: mail.acronis.com is vulnerable to zero day vulnerability CVE-2022-41040\n\nhttps://ift.tt/ZODHqWa", "creation_timestamp": "2022-10-13T20:16:35.000000Z"}, {"uuid": "eb73ac00-a927-4de9-b925-791035e88e0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "Telegram/Al5s1pu9DlCNMnH7rJt2q5NFKP_tt6i0TJLpRuR3HfdnDhA", "content": "", "creation_timestamp": 
"2022-12-05T04:24:48.000000Z"}, {"uuid": "9e13c0dd-873d-4d3c-be2a-3e5f200fdf93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1245", "content": "https://github.com/attacker-codeninja/My-Nuclei-Templates-2\nhttps://github.com/badboy-sft/badboy_17-Nuclei-Templates-Collection\nhttps://github.com/bhataasim1/PersonalTemplates\nhttps://github.com/bjhulst/nuclei-custom-templates\nhttps://github.com/bufferbandit/gitScanNucleiTemplate\nhttps://github.com/bugbountydude/Nuclei-TamplatesBackup\nhttps://github.com/c3l3si4n/malicious_nuclei_templates\nhttps://github.com/chouaibhm/foulenzer-templates\nhttps://github.com/cipher387/juicyinfo-nuclei-templates\nhttps://github.com/compr00t/nuclei-templates\nhttps://github.com/e1abrador/SpringCorePoC.sh\nhttps://github.com/emadshanab/nucleiDB\nhttps://github.com/ibaiw/nuclei_templates\nhttps://github.com/kh4sh3i/Nextcloud-Pentesting\nhttps://github.com/kh4sh3i/Webmin-CVE\nhttps://github.com/learnerboy88/CVE-2023-29489\nhttps://github.com/lliwi/nuclei-repo-hunter\nhttps://github.com/manasmbellani/nuclei-templates\nhttps://github.com/marcositu/nuclei-custom-templates\nhttps://github.com/mertugur/nuclei-templates\nhttps://github.com/milo2012/nuclei-templates-others\nhttps://github.com/narasimha5x5/nuclei-templates\nhttps://github.com/nullfuzz-pentest/custom-nuclei-templates\nhttps://github.com/numanturle/CVE-2022-41040\nhttps://github.com/p0ch4t/nuclei-special-templates\nhttps://github.com/p3n73st3r/Nuclei-Templates\nhttps://github.com/pentest-dev/Profesional-Nuclei-Templates\nhttps://github.com/psc4re/nuclei-templates\nhttps://github.com/rahul-nakum14/Recon\nhttps://github.com/rutgerhrm/valid8\nhttps://github.com/samy1937/mynuclei_templates\nhttps://github.com/shubham-rooter/Nuclei-custom-templates\nhttps://github.com/sl4x0/NC-Templates\nhttps://github.c
om/sudouday/nuclei-templates\nhttps://github.com/sushant-kamble/mynuclei-template\nhttps://github.com/tamimhasan404/Open-Source-Nuclei-Templates-Downloader\nhttps://github.com/thecyberneh/nuclei-templatess\nhttps://github.com/thecybertix/Nuclei-templates\nhttps://github.com/themoonbaba/private_templates\nhttps://github.com/twseptian/custom-nuclei-templates\nhttps://github.com/vidocsecurity/templates\nhttps://github.com/vishal12300/all_nuclei_templatess\nhttps://github.com/vulnspace/nuclei-templates\nhttps://github.com/websecresearch/nucleirecordloginsession\nhttps://github.com/windyGarlic/nuclei-templates\nhttps://github.com/xinZa1/template\nhttps://github.com/yarovit-developer/nuclei-templates\nhttps://github.com/vsh00t/nuclei-templates\nhttps://github.com/nikhilhvr/nuclei-templates\nhttps://github.com/ed-red/redmc_custom_templates_nuclei\nhttps://github.com/DrakenKun-cyber/Templates\nhttps://github.com/Dalaho-bangin/nuclei-templates2\nhttps://github.com/Mr-xn/CVE-2023-23333\nhttps://github.com/boobooHQ/private_templates\nhttps://github.com/Erenlancaster/CVE-2021-46704\nhttps://github.com/stevemason/nuclei-template-forked-daapd-path-traversal\nhttps://github.com/topscoder/nuclei-zero-day\nhttps://github.com/mdube99/nuclei-templates\nhttps://github.com/nuts7/CVE-2023-27372\nhttps://github.com/k00kx/nuclei-templates\nhttps://github.com/YashVardhanTrip/nuclei-templates\nhttps://github.com/Deep2142004/Nuclei-Templates\nhttps://github.com/RajaUzairAbdullah/nuclei-templates\nhttps://github.com/mdube99/custom-nuclei-templates\nhttps://github.com/Esonhugh/public-nuclei-template\nhttps://github.com/Rabb1ter/nuclei-templates\nhttps://github.com/zodmagus/z0ds3c-Nuclei-Templates\nhttps://github.com/thefool45/nuclei-templates\nhttps://github.com/SumedhDawadi/Nuclei_Template_Subdomain_Takeover\nhttps://github.com/r3dcl1ff/Symfony-Fuck\nhttps://github.com/polling-repo-continua/KozinTemplates\nhttps://github.com/b4dboy17/badboy_17-Nuclei-Templates-Collection\nhttps://github.com/na
rasimhareddy5x5/nuclei-templates\nhttps://github.com/baharebenesbordi/Nuclei-Templates\nhttps://github.com/v3l4r10/Nuclei-Templates\nhttps://github.com/Deepparasiya/Nuclei-Templates\nhttps://github.com/valaDevs/env-js-nuclei", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "defdfd47-c3ed-4ea2-a5c2-01e370f23cbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1252", "content": "https://github.com/mdsabbirkhan/0xPugazh-my-nuclei-templates\nhttps://github.com/mdube99/custom-nuclei-templates\nhttps://github.com/mdube99/nuclei-templates\nhttps://github.com/medbsq/ncl\nhttps://github.com/meme-lord/Custom-Nuclei-Templates\nhttps://github.com/mertugur/nuclei-templates\nhttps://github.com/microphone-mathematics/custom-nuclei-templates\nhttps://github.com/milo2012/nuclei-templates-others\nhttps://github.com/myuyu/nuclei-templates\nhttps://github.com/n1f2c3/mytemplates\nhttps://github.com/narasimha5x5/nuclei-templates\nhttps://github.com/narasimhareddy5x5/nuclei-templates\nhttps://github.com/nicholasaleks/NucleiGPT\nhttps://github.com/nikhilhvr/nuclei-templates\nhttps://github.com/notnotnotveg/nuclei-custom-templates\nhttps://github.com/nullfuzz-pentest/custom-nuclei-templates\nhttps://github.com/numanturle/CVE-2022-41040\nhttps://github.com/nuts7/CVE-2023-27372\nhttps://github.com/obreinx/nuceli-templates\nhttps://github.com/optiv/mobile-nuclei-templates\nhttps://github.com/p0ch4t/nuclei-special-templates\nhttps://github.com/p3n73st3r/Nuclei-Templates\nhttps://github.com/panch0r3d/nuclei-templates\nhttps://github.com/peanuth8r/Nuclei_Templates\nhttps://github.com/pentest-dev/Profesional-Nuclei-Templates\nhttps://github.com/pikpikcu/nuclei-templates\nhttps://github.com/ping-0day/templates\nhttps://github.com/polling-repo-continua/KozinTemplates\nhttps://github.com/praetorian-inc
/chariot-launch-nuclei-templates\nhttps://github.com/praetorian-inc/zeroqlik-detect\nhttps://github.com/psc4re/nuclei-templates\nhttps://github.com/ptyspawnbinbash/template-enhancer\nhttps://github.com/qaisarafridi/MY-Nuclei-Templates\nhttps://github.com/r3dcl1ff/Symfony-Fuck\nhttps://github.com/rafaelcaria/Nuclei-Templates\nhttps://github.com/rafaelwdornelas/my-nuclei-templates\nhttps://github.com/rahul-nakum14/Recon\nhttps://github.com/rahulkadavil/nuclei-templates\nhttps://github.com/randomstr1ng/nuclei-sap-templates\nhttps://github.com/redteambrasil/nuclei-templates\nhttps://github.com/ree4pwn/my-nuclei-templates\nhttps://github.com/reewardius/mytemplates-log4shell\nhttps://github.com/reewardius/nuclei-special-templates\nhttps://github.com/reewardius/nuclei-templates\nhttps://github.com/reewardius/nuclei-templates-new\nhttps://github.com/ricardomaia/nuclei-template-generator-for-wordpress-plugins\nhttps://github.com/rutgerhrm/valid8\nhttps://github.com/sadnansakin/my-nuclei-templates\nhttps://github.com/samy1937/mynuclei_templates\nhttps://github.com/schooldropout1337/nuclei-templates\nhttps://github.com/securitytest3r/nuclei_templates_work\nhttps://github.com/sharathkramadas/k8s-nuclei-templates\nhttps://github.com/shifa123/detections\nhttps://github.com/shubham-rooter/Nuclei-custom-templates\nhttps://github.com/sl4x0/NC-Templates\nhttps://github.com/smaranchand/nuclei-templates\nhttps://github.com/soapffz/myown-nuclei-poc\nhttps://github.com/soumya123raj/Nuclei\nhttps://github.com/souzomain/mytemplates\nhttps://github.com/stevemason/nuclei-template-forked-daapd-path-traversal\nhttps://github.com/sudouday/nuclei-templates\nhttps://github.com/sushant-kamble/mynuclei-template\nhttps://github.com/szybnev/nuclei-custom\nhttps://github.com/tamimhasan404/Open-Source-Nuclei-Templates-Downloader\nhttps://github.com/test502git/log4j-fuzz-head-poc\nhttps://github.com/testtt3424/nuclei-templates\nhttps://github.com/th3-r3sistanc3/nuclei-templates\nhttps://github.com/th3r4
id/nuclei-templates\nhttps://github.com/thebrnwal/Content-Injection-Nuclei-Script\nhttps://github.com/thecyberneh/nuclei-templatess\nhttps://github.com/thecybertix/Nuclei-templates\nhttps://github.com/thefool45/nuclei-templates\nhttps://github.com/thelabda/nuclei-templates\nhttps://github.com/themoonbaba/private_templates\nhttps://github.com/topscoder/nuclei-wordfence-cve\nhttps://github.com/topscoder/nuclei-zero-day\nhttps://github.com/toramanemre/apache-solr-log4j-CVE-2021-44228", "creation_timestamp": "2025-04-22T02:52:22.000000Z"}, {"uuid": "51573969-dea2-444b-b584-595bc453ebb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1247", "content": "https://github.com/exploit-io/nuclei-fuzz-templates\nhttps://github.com/yashrupavatiya26/custom-nuclei-template\nhttps://github.com/ts4rin4/templates4nuclei\nhttps://github.com/Caddyshack2175/nuclei-custom-templates\nhttps://github.com/0xr2r/templates-nucleir2r\nhttps://github.com/pushpak-11/customTemplates\nhttps://github.com/Christbowel/CVE-2024-25600_Nuclei-Template\nhttps://github.com/Shakilll/my_nuclei_templates\nhttps://github.com/xjhonly/nuclei-templates\nhttps://github.com/0x71rex/0-Nuclei-Templates\nhttps://github.com/0xPugal/my-nuclei-templates\nhttps://github.com/damon-sec/TCSZ-Nuclei\nhttps://github.com/qaisarafridi/MY-Nuclei-Templates\nhttps://github.com/badboycxcc/CVE-2023-24100\nhttps://github.com/umityn/my-nuclei-templates\nhttps://github.com/0xKayala/Custom-Nuclei-Templates\nhttps://github.com/thanhnx9/nuclei-templates-cutomer\nhttps://github.com/VulnExpo/nuclei-templates\nhttps://github.com/mdsabbirkhan/0xPugazh-my-nuclei-templates\nhttps://github.com/vulnspace/nuclei-templates\nhttps://github.com/microphone-mathematics/custom-nuclei-templates\nhttps://github.com/praetorian-inc/zeroqlik-detect\nhttps://github.com/hackerhi
jeck/Fuzzing_with_nuclei\nhttps://github.com/valaDevs/nuclei-backupfile-finder\nhttps://github.com/reewardius/interested-nuclei-templates\nhttps://github.com/zodmagus/z0ds3c-Nuclei-Templates\nhttps://github.com/Mr-xn/CVE-2023-23333\nhttps://github.com/bug-vs-me/WPML-XSS\nhttps://github.com/sudouday/nuclei-templates\nhttps://github.com/cyberheartmi9/Proxyshell-Scanner\nhttps://github.com/numanturle/CVE-2022-41040\nhttps://github.com/numanturle/Log4jNuclei\nhttps://github.com/CharanRayudu/Custom-Nuclei-Templates\nhttps://github.com/daffainfo/my-nuclei-templates\nhttps://github.com/thebrnwal/Content-Injection-Nuclei-Script\nhttps://github.com/ree4pwn/my-nuclei-templates\nhttps://github.com/peanuth8r/Nuclei_Templates\nhttps://github.com/pikpikcu/nuclei-templates\nhttps://github.com/esetal/nuclei-bb-templates\nhttps://github.com/ARPSyndicate/kenzer-templates\nhttps://github.com/medbsq/ncl\nhttps://github.com/notnotnotveg/nuclei-custom-templates\nhttps://github.com/clarkvoss/Nuclei-Templates\nhttps://github.com/z3bd/nuclei-templates\nhttps://github.com/peanuth8r/Nuclei_Templates\nhttps://github.com/thebrnwal/Content-Injection-Nuclei-Script\nhttps://github.com/ree4pwn/my-nuclei-templates\nhttps://github.com/im403/nuclei-temp\nhttps://github.com/System00-Security/backflow\nhttps://github.com/geeknik/nuclei-templates-1\nhttps://github.com/geeknik/the-nuclei-templates\nhttps://github.com/optiv/mobile-nuclei-templates\nhttps://github.com/obreinx/nuceli-templates\nhttps://github.com/randomstr1ng/nuclei-sap-templates\nhttps://github.com/CharanRayudu/Custom-Nuclei-Templates\nhttps://github.com/n1f2c3/mytemplates\nhttps://github.com/kabilan1290/templates\nhttps://github.com/smaranchand/nuclei-templates\nhttps://github.com/Saimonkabir/Nuclei-Templates\nhttps://github.com/yavolo/nuclei-templates\nhttps://github.com/sadnansakin/my-nuclei-templates\nhttps://github.com/5cr1pt/templates\nhttps://github.com/rahulkadavil/nuclei-templates\nhttps://github.com/shifa123/detections\nhttps://gi
thub.com/daffainfo/my-nuclei-templates\nhttps://github.com/javaongsan/nuclei-templates\nhttps://github.com/AshiqurEmon/nuclei_templates\nhttps://gist.github.com/ResistanceIsUseless/e46848f67706a8aa1205c9d2866bff31\nhttps://github.com/NitinYadav00/My-Nuclei-Templates\nhttps://github.com/sharathkramadas/k8s-nuclei-templates\nhttps://github.com/securitytest3r/nuclei_templates_work\nhttps://github.com/MR-pentestGuy/nuclei-templates\nhttps://github.com/thelabda/nuclei-templates\nhttps://github.com/1in9e/my-nuclei-templates\nhttps://github.com/redteambrasil/nuclei-templates\nhttps://github.com/Saptak9983/Nuclei-Template\nhttps://github.com/Harish4948/Nuclei-Templates\nhttps://github.com/R-s0n/Custom_Vuln_Scan_Templates", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "d0ae9306-0570-4432-8928-352483ba094f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/arpsyndicate/1975", "content": "#ExploitObserverAlert\n\nCVE-2022-41040\n\nDESCRIPTION: Exploit Observer has 99 entries related to CVE-2022-41040. 
Microsoft Exchange Server Elevation of Privilege Vulnerability.\n\nFIRST-EPSS: 0.965310000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T11:47:27.000000Z"}, {"uuid": "0fdd9073-2952-4fdd-9ad8-97b246e9cd31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/Web_Security_Live/46", "content": "\u0413\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u043a\u0438\u0431\u0435\u0440\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439 Play \u0432\u0437\u043b\u043e\u043c\u0430\u043b\u0430 \u043a\u0440\u0443\u043f\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0443\u0441\u043b\u0443\u0433 Rackspace\n\nRackspace \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430 , \u0447\u0442\u043e \u0437\u0430 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0443, \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u0434\u0448\u0443\u044e 2 \u0434\u0435\u043a\u0430\u0431\u0440\u044f, \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Play. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0438\u0441\u0443 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b Rackspace Hosted Exchange, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f.\n\n\u041a\u0430\u043a \u0433\u043e\u0432\u043e\u0440\u044f\u0442 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2022-41080 . 
\u0420\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u043d\u043e\u0435 Rackspace, \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u043e, \u0447\u0442\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u0443\u043c\u0435\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u0438\u0441\u043a\u0435, \u043a\u0430\u043b\u0435\u043d\u0434\u0430\u0440\u044f\u043c-\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430\u043c, \u0441\u043f\u0438\u0441\u043a\u0430\u043c \u0437\u0430\u0434\u0430\u0447, \u0430\u0434\u0440\u0435\u0441\u043d\u043e\u0439 \u043a\u043d\u0438\u0433\u0435 \u0438 \u043f\u0440\u043e\u0447\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0432 PST-\u0444\u0430\u0439\u043b\u0430\u0445 (Personal Storage Table) 27 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 Rackspace. \u041e\u0434\u043d\u0430\u043a\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u043b\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. 
\u0421\u0435\u0439\u0447\u0430\u0441 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0441\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0441\u0435\u0440\u0432\u0438\u0441 Hosted Exchange \u0438 \u043f\u0435\u0440\u0435\u0432\u0435\u0441\u0442\u0438 30 000 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u043d\u043e\u0432\u0443\u044e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Microsoft 365.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0437\u0430\u043f\u043b\u0430\u0442\u0438\u043b\u0430 \u043b\u0438 Rackspace \u0432\u044b\u043a\u0443\u043f \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0430\u043c.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u0434\u0448\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u043e \u0437\u0430 \u043e\u0442\u0447\u0435\u0442\u043e\u043c \u0418\u0411-\u0444\u0438\u0440\u043c\u044b Crowdstrike, \u043f\u0440\u043e\u043b\u0438\u0432\u0448\u0435\u0439 \u0441\u0432\u0435\u0442 \u043d\u0430 \u043d\u043e\u0432\u044b\u0439 \u043c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Play. 
\u0422\u0435\u0445\u043d\u0438\u043a\u0443 \u043d\u0430\u0437\u0432\u0430\u043b\u0438 OWASSRF, \u043e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Exchange, \u043a \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u044b \u043f\u0430\u0442\u0447\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-41040 \u0438 CVE-2022-41082 . \u041a\u0430\u043a \u0433\u043e\u0432\u043e\u0440\u044f\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b, \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 CVE-2022-41080 \u0438 CVE-2022-41082, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043e\u0431\u0445\u043e\u0434 \u043f\u0440\u0430\u0432\u0438\u043b \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 Outlook Web Access (OWA).\n\n\ud83d\udd18 https://t.me/web_security_live", "creation_timestamp": "2023-01-09T09:22:44.000000Z"}, {"uuid": "520c9897-9a0b-4560-8bac-11fe170d3a0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/proxy_bar/1190", "content": "\u0420\u0430\u043d\u043e\u0432\u0430\u0442\u043e, \u043d\u043e \u0442\u0430\u043a\u0438 
\u0434\u0430\n\u0422\u041e\u041f 10 \u0438\u0437 2022\n\n1. Follina (CVE-2022-30190)\n2. Log4Shell (CVE-2021-44228)\n3. Spring4Shell (CVE-2022-22965)\n4. F5 BIG-IP (CVE-2022-1388)\n5. Google Chrome zero-day (CVE-2022-0609)\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n10. Zyxel RCE vulnerability (CVE-2022-30525)", "creation_timestamp": "2022-11-29T06:36:16.000000Z"}, {"uuid": "6c6302bc-49bb-4889-8700-a19f8843737b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1174", "content": "\u0420\u0430\u0431\u043e\u0447\u0438\u0439 PoC \u0434\u043b\u044f CVE-2022-41040 and CVE-2022-41082 (A.K.A ProxyNotShell)\n*\npython poc_aug3.py    \n*\ndownload POC", "creation_timestamp": "2022-11-18T10:37:53.000000Z"}, {"uuid": "be95e237-ab7a-4be0-86e5-80be27dc79c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/143691", "content": "{\n  \"Source\": \"https://t.me/documentors\",\n  \"Content\": \"poc_aug3.py 20.1 kB \ud83d\udd25\ud83d\udd25\ud83d\udd25PoC for ProxyNotShell(CVE-2022-41040 &amp; CVE-2022-41082) \u26a0\ufe0frequirements: requests_ntlm2, requests (pip/pip3 install requests_ntlm2 requests) Usage: python poc_aug3.py \ud83d\udcbePoC from here\", \n  \"author\": \"\u2693\ufe0f\ud835\udd07\ud835\udd2c\ud835\udd20\ud835\udd32\ud835\udd2a\ud835\udd22\ud835\udd2b\ud835\udd31\ud835\udd2c\ud835\udd2f\",\n  \"Detection Date\": \"17 Nov 2022\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 Data Leak monitoring system\ud83d\udd39", 
"creation_timestamp": "2022-11-17T16:12:03.000000Z"}, {"uuid": "5b29cbda-ca3f-40ee-93f0-e7274f9b260d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "Telegram/_jhMJ6Qkr3NTkSODz-2VARevQ2RaVWFw4ZEApyjVaOKsVoQ", "content": "", "creation_timestamp": "2022-12-20T06:40:25.000000Z"}, {"uuid": "a6543f34-8b76-4bc1-9417-41554c2f7dc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "Telegram/8yasABRsBeQ7_fA7ekcVN5-Bf6YalSSK4RwFtvSF2nNKkrM", "content": "", "creation_timestamp": "2022-12-06T17:10:12.000000Z"}, {"uuid": "21e35582-288a-4426-b44e-9f3e7c52a040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "Telegram/FYOK069r3dGPVzNRW2ebZQAxTJIkZliqhtT2JhgHyCLvq90", "content": "", "creation_timestamp": "2022-10-16T16:51:05.000000Z"}, {"uuid": "cfc42aa2-3bec-4c01-b604-f935011ba043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "Telegram/3P4-ui2ZGCcEh2qykYXdRFkjV42_EU3Ipg1j8nJzP_-5Jeo", "content": "", "creation_timestamp": "2022-11-20T16:38:05.000000Z"}, {"uuid": "020cb39e-d77f-400a-90a4-b43dae1118dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/MrVGunz/494", "content": "\u062a\u06a9\u0645\u06cc\u0644\u06cc:\n\n\u0634\u0631\u06a9\u062a \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u0634\u0646\u0627\u0633\u0647 \u0647\u0627\u06cc 
\u0632\u06cc\u0631 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0627\u06cc\u0646 \u062f\u0648 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u0639\u0631\u0641\u06cc \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a:\nCVE-2022-41040 flaw could only be exploited by authenticated attackers. Successful exploitation then allows them to trigger the CVE-2022-41082 RCE vulnerability.\n\n\u062a\u0627 \u0632\u0645\u0627\u0646 \u0627\u0646\u062a\u0634\u0627\u0631 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0631\u0633\u0645\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646 \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u0632\u06cc\u0631 \u0631\u0627 \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u06a9\u0627\u0647\u0634 \u062e\u0637\u0631 \u0627\u062d\u062a\u0645\u0627\u0644\u06cc \u0628\u0647 \u06a9\u0627\u0631 \u0628\u0633\u062a:\n\"The current mitigation is to add a blocking rule in \"IIS Manager -&gt; Default Web Site -&gt; Autodiscover -&gt; URL Rewrite -&gt; Actions\" to block the known attack patterns.\"\n\n1.\u00a0 Open the IIS Manager.\n2.\u00a0 Expand the Default Web Site.\n3.\u00a0 Select Autodiscover.\n4.\u00a0 In the Feature View, click URL Rewrite.\n5.\u00a0 In the Actions pane on the right-hand side, click Add Rules.\n6.\u00a0 Select Request Blocking and click OK.\n7.\u00a0 Add String \u201c.*autodiscover\\.json.*\\@.*Powershell.*\u201d (excluding quotes) and click OK.\n8.\u00a0 Expand the rule and select the rule with the Pattern \".*autodiscover\\.json.*\\@.*Powershell.*\" and click Edit under Conditions.\n9.\u00a0 Change the condition input from {URL} to {REQUEST_URI}\n10.\u00a0 Block HTTP:5985 and HTTPS:5986 ports\n11.\u00a0 For check compromised server can use below PowerShell command to scan IIS logs file\nc:\\&gt;Get-ChildItem -Recurse -Path &lt;Path_IIS_Logs&gt; -Filter \"*.log\" | Select-String -Pattern 'powershell.*autodiscover\\.json.*\\@.*200'", "creation_timestamp": "2022-09-30T18:49:22.000000Z"}, {"uuid": 
"26320cd8-51b4-48fd-affd-712071c87c8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/crackcodes/1915", "content": "#Analytics\nTop 10 most exploited vulnerabilities in 2022\n\n1. CVE-2022-30190: MS Office \"Follina\"\n\n2. CVE-2021-44228: Apache Log4Shell\n\n3. CVE-2022-22965: Spring4Shell\n\n4. CVE-2022-1388: F5 BIG-IP\n\n5. CVE-2022-0609: Google Chrome zero-day\nhttps://blog.google/threat-analysis-group/countering-threats-north-korea\n6. CVE-2017-11882: Old but not forgotten - MS Office bug\n\n7. CVE-2022-41082, CVE-2022-41040: ProxyNotShell\n\n8. CVE-2022-27925, CVE-2022-41352: Zimbra Collaboration Suite bugs\n\n\n9. CVE-2022-26134: Atlassian Confluence RCE flaw  \n\n10. CVE-2022-30525: Zyxel RCE vulnerability", "creation_timestamp": "2022-12-21T16:27:48.000000Z"}, {"uuid": "4866c902-2ecf-46a8-a51e-e5123e6030b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/true_secator/3728", "content": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0441 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Microsoft Exchange, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043a\u0430\u043a ProxyNotShell.\n\n\u041a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e,\u00a0CVE-2022-41082 \u0438 CVE-2022-41040 
\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Microsoft Exchange Server 2013, 2016 \u0438 2019 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 PowerShell \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c RCE \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b.\n\nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f ProxyNotShell \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043d\u043e\u044f\u0431\u0440\u044c\u0441\u043a\u043e\u0433\u043e PatchTuesday.\n\n\u0418 \u0443\u0436\u0435 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043f\u0430\u0442\u0447\u0430, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Janggggg\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b PoC \u0434\u043b\u044f ProxyNotShell, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0434\u043b\u044f \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 
\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Exchange.\n\n\u0410\u0432\u0442\u043e\u0440\u0438\u0442\u0435\u0442\u043d\u044b\u0439 \u0423\u0438\u043b\u043b \u0414\u043e\u0440\u043c\u0430\u043d\u043d \u0438\u0437 ANALYGENCE \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0438\u00a0\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u00a0\u0435\u0433\u043e \u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Exchange Server 2016 \u0438 2019.\n\n\u041f\u0440\u0430\u0432\u0434\u0430 \u0434\u043e\u0431\u0430\u0432\u0438\u043b, \u0447\u0442\u043e \u043a\u043e\u0434 \u043d\u0443\u0436\u0434\u0430\u0435\u0442\u0441\u044f \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u0434\u043b\u044f \u0435\u0433\u043e \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u043d\u0438\u044f \u043d\u0430 Exchange Server 2013.\n\nGreyNoise \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 ProxyNotShell \u0441 \u043a\u043e\u043d\u0446\u0430 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430\u00a0\u0441\u043f\u0438\u0441\u043e\u043a IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u0442\u0438\u043c\u0438 \u0430\u0442\u0430\u043a\u0430\u043c\u0438.\n\n\u041a\u0430\u043a \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u0438 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b, 
\u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0442 \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a Chopper \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u0434\u043b\u044f \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0438 \u043a\u0440\u0430\u0436\u0438 \u0434\u0430\u043d\u043d\u044b\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f \u0431\u043e\u043a\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f \u0432 \u0441\u0435\u0442\u044f\u0445 \u0441\u0432\u043e\u0438\u0445 \u0436\u0435\u0440\u0442\u0432.\n\n\u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u0442\u0430\u043a\u0436\u0435\u00a0\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b, \u0447\u0442\u043e 30 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u043e\u043d\u0438 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044f\u043c, \u0437\u0430\u044f\u0432\u0438\u0432, \u0447\u0442\u043e \u0437\u043d\u0430\u0435\u0442 \u043e\u0431 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0445 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u0432 
\u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0412 \u0441\u0432\u044f\u0437\u0438 \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c\u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u044f\u043c\u0438, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0430\u0442\u0430\u043a.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u044b Exchange Online \u0443\u0436\u0435 \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u044b \u043e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0438\u043c \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439, \u043a\u0440\u043e\u043c\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Exchange \u0432 \u0441\u0432\u043e\u0435\u0439 \u0441\u0440\u0435\u0434\u0435.", "creation_timestamp": "2022-11-21T11:24:55.000000Z"}, {"uuid": "e7e22dfe-1683-4355-ba0f-abecfbc76089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/true_secator/3680", "content": "\u041d\u043e\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0439 Patch Tuesday \u043e\u0442 Microsoft 
\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 68 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Windows, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438 6 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day.\n\n\u0421\u0440\u0435\u0434\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445: 12 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, 2 -\u0441 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0438 55 - \u0432\u0430\u0436\u043d\u044b\u0435.\n\n\u041f\u043e \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f\u043c: 27 - \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 4 - \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 16 - RCE, 11 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 6 - DoS, 3 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433.\n\n\u0413\u043b\u0430\u0432\u043d\u0430\u044f \u0438\u0437\u044e\u043c\u0438\u043d\u043a\u0430 \u043f\u0430\u0442\u0447\u0430 - \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 CVE \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Exchange Server, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u043a\u0430\u043a ProxyNotShell.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u0436\u0435, \u0441\u043f\u0438\u0441\u043e\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0-day 
\u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c:\n\n- CVE-2022-41128: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u044f\u0437\u044b\u043a\u0430\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432 Windows, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u041a\u043b\u0435\u043c\u0435\u043d\u0442\u043e\u043c \u041b\u0435\u0441\u0438\u043d\u0435\u043c \u0438\u0437 \u0433\u0440\u0443\u043f\u043f\u044b \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0443\u0433\u0440\u043e\u0437 Google. \u0411\u0430\u0433\u0430 \u0442\u0440\u0435\u0431\u0443\u0435\u0442, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0435\u0439 Windows \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0443.\n\n- CVE-2022-41091: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Windows Mark of the Web Security Bypass. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 MOTW, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430 \u0432 Microsoft Office. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0434\u0432\u0430 \u043e\u0431\u0445\u043e\u0434\u0430 Mark of the Web, \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0423\u0438\u043b\u043b\u043e\u043c \u0414\u043e\u0440\u043c\u0430\u043d\u043d\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b, \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 Zip-\u0444\u0430\u0439\u043b \u0434\u043b\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows.\n\n- CVE-2022-41073: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u0438 \u043f\u0435\u0447\u0430\u0442\u0438 Windows, 
\u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0430\u0432, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0446\u0435\u043d\u0442\u0440\u043e\u043c Microsoft Threat Intelligence Center (MSTIC). \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438.\n\n- CVE-2022-41125: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u043a\u043b\u044e\u0447\u0435\u0439 Windows CNG, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Microsoft Threat Intelligence Center (MSTIC) \u0438 Microsoft Security Response Center (MSRC).\n\n- CVE-2022-41040: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Exchange Server, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0430\u0432, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 GTSC \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0432 
\u0440\u0430\u043c\u043a\u0430\u0445 \u0438\u043d\u0438\u0446\u0438\u0430\u0442\u0438\u0432\u044b Zero Day. \u041f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0431\u0443\u0434\u0443\u0442 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u0441\u044f \u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c PowerShell \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n- CVE-2022-41082: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Microsoft Exchange, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 GTSC \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0438\u043d\u0438\u0446\u0438\u0430\u0442\u0438\u0432\u044b Zero Day. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043c\u043e\u0436\u0435\u0442 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u043b\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\u0421\u0440\u0435\u0434\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043d\u043e\u044f\u0431\u0440\u044c\u0441\u043a\u043e\u043c \u043f\u0430\u0442\u0447\u0435, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0442\u043e\u0438\u0442 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435, \u2014 \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows\u00a0Kerberos (CVE-2022-37967),\u00a0Kerberos RC4-HMAC (CVE-2022-37966) \u0438 Microsoft Exchange Server (CVE-2022-41080) \u0438 \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0439 Windows Hyper-V (CVE-2022-38015).\n\n\u0412 \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a \u044d\u0442\u0438\u043c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c, 
\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0440\u044f\u0434 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0442\u043e\u0447\u043a\u0430-\u0442\u043e\u0447\u043a\u0430 (PPTP), Microsoft Excel, Word, \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 ODBC, Office Graphics, SharePoint Server, JScript9, Chakra \u0438 Visual Studio, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0440\u044f\u0434 \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Win32k, Overlay Filter \u0438 Group Policy.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u0432 Patch Tuesday \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2022-11-09T14:40:05.000000Z"}, {"uuid": "b26c0c6c-8da5-4446-88d7-3f2de295b418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/true_secator/3547", "content": "Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 Patch Tuesday, 
\u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0432 \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 84 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Microsoft Windows \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 \u0432 \u044d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u0432\u0435 0-day.\n\n\u0412 \u0446\u0435\u043b\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u043e \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u044f\u043c: 39 - \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 2 - \u043e\u0431\u0445\u043e\u0434 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 20 - RCE, 11 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 8 - \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438, 4 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433. 
\u041f\u0440\u0438 \u044d\u0442\u043e\u043c 30 \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 0-day \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u0430 \u0434\u0440\u0443\u0433\u0430\u044f \u2014 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0430.\n\n\u041e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 Microsoft Office \u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u041a\u043e\u0434\u0438 \u0422\u043e\u043c\u0430\u0441\u043e\u043c\u00a0\u0438\u0437 SpecterOps. 
\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0442\u043e\u043a\u0435\u043d\u0430\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\nCVE-2022-41033 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 Windows COM+ \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Active Directory, Azure, Microsoft Office, SharePoint, Hyper-V \u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Windows \u00ab\u0442\u043e\u0447\u043a\u0430-\u0442\u043e\u0447\u043a\u0430\u00bb.\n\n\u0412\u0441\u0435 \u0431\u044b \u043d\u0438\u0447\u0435\u0433\u043e, \u0434\u0430 \u0432\u043e\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u043e\u043f\u0440\u043e\u0441 \u0441 ProxyNotShell \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c.\n\n\u0414\u0432\u0435 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Exchange Server CVE-2022-41040 (\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u0430 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSRF), \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0438 CVE-2022-41082 (\u043e\u0448\u0438\u0431\u043a\u0430 RCE) \u043d\u0435 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0432\u044b\u0448\u0435\u0434\u0448\u0435\u0433\u043e Patch Tuesday. \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0420\u0435\u0434\u043c\u043e\u043d\u0434 \u043d\u0435 \u0443\u043a\u0430\u0437\u0430\u043b \u0434\u0430\u0436\u0435 \u0441\u0440\u043e\u043a\u0430, \u043a\u043e\u0433\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Windows \u043c\u043e\u0433\u0443\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Exchange Server.\n\n\u0412 \u0442\u043e \u0436\u0435 \u0432\u0440\u0435\u043c\u044f, \u0441\u0430\u043c\u0430 Microsoft \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e ProxyNotShell \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043d\u0435\u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0435 \u0410\u0420\u0422 \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c \u043d\u0430 10 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 
\u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2022-10-12T13:56:02.000000Z"}, {"uuid": "37d742c5-f859-4e89-80a4-821b9290d30a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/true_secator/3516", "content": "\u041f\u043e\u0441\u043b\u0435 \u043e\u0431\u0440\u0443\u0448\u0438\u0432\u0448\u0435\u0439\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u043a\u0438 \u043d\u0430 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0435 Microsoft \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e ProxyNotShell, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0431\u044b\u043b\u0438 \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u044b \u0438\u0441\u043a\u0430\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 Exchange Zero-Days, \u0432\u0435\u0434\u044c \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0441\u043c\u043e\u0433\u043b\u0438 \u0431\u0435\u0437 \u0442\u0440\u0443\u0434\u0430 \u043e\u0431\u043e\u0439\u0442\u0438 \u0438\u0445.\n\n\u0418, \u0443\u0436\u0435 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e, Microsoft \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u043d\u043e\u0432\u044b\u0435 
\u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u043f\u043e \u0441\u0432\u043e\u0435\u0439 \u043d\u0430\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u00ab\u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u0442\u0447\u0430\u00bb.\n\nMicrosoft \u043f\u0435\u0440\u0435\u0441\u043c\u043e\u0442\u0440\u0435\u043b\u0430 \u0441\u0432\u043e\u0438 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 CVE-2022-41040 \u0438 CVE-2022-41082 \u0432 Exchange Server, \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u0432 \u043d\u043e\u0432\u044b\u0435 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u044b \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 URL-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 (\u0442\u0430\u043a\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0435 \u0432 \u0432\u0438\u0434\u0435 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e\u00a0\u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f PowerShell).\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u0430\u0442\u0430\u043a\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435\u00a0\u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0442\u0441\u044f \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 
\u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044e \u0432\u0435\u0431-\u043e\u0431\u043e\u043b\u043e\u0447\u0435\u043a.\n\n\u041f\u043e\u043a\u0430 \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u043e\u0433\u0434\u0430 Microsoft \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043d\u043e \u0432\u043f\u043e\u043b\u043d\u0435 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Patch Tuesday \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, 11 \u043e\u043a\u0442\u044f\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0411\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2022-10-05T11:43:50.000000Z"}, {"uuid": "5dd9e7cc-2d03-4789-93de-d72dce54bda5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": 
"https://t.me/true_secator/3513", "content": "\u041d\u043e\u0432\u044b\u0435 \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u044b\u0435 o-day \u0432 Microsoft Exchange, \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u043a CVE-2022-41040 \u0438 CVE-2022-41082, \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 ProxyNotShell, \u0432 \u0441\u0438\u043b\u0443 \u0441\u0445\u043e\u0434\u0441\u0442\u0432\u0430 \u0441 ProxyShell, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u0431\u043e\u043b\u0435\u0435 \u0433\u043e\u0434\u0430. \u0418 \u0434\u0435\u043b\u043e \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u044d\u0442\u043e\u043c.\n\n\u041f\u043e\u0445\u043e\u0436\u0435, \u0447\u0442\u043e \u043f\u0430\u0442\u0447\u0438 Microsoft \u0434\u043b\u044f ProxyShell \u043d\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438. 
\u041e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 ProxyShell, \u043d\u043e\u0432\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u0445\u043e\u0442\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0434\u0430\u0436\u0435 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b.\n\n\u042d\u0442\u0438\u043c \u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u0410\u0420\u0422, \u0430 \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e \u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, 
\u0447\u0442\u043e \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u043d\u0433 \u043d\u0430 10 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u043e\u0432\u044b\u0445 ProxyNotShell \u0432\u044b\u044f\u0432\u0438\u043b\u0430 \u0441\u0430\u043c\u0430 \u0436\u0435 Microsoft. \u0418\u043d\u0444\u043e\u0441\u0435\u043a \u0436\u0435 \u043e\u0436\u0438\u0434\u0430\u0435\u0442, \u043a\u043e\u0433\u0434\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0438 Exchange Server \u0432 \u0441\u0432\u043e\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0422\u0435\u043c \u0431\u043e\u043b\u0435\u0435, \u0447\u0442\u043e \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0435\u0449\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b, \u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0439 Microsoft \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442 \u043f\u0440\u0430\u0432\u0438\u043b\u043e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u043d\u043e 
\u043e\u0431\u043e\u0439\u0442\u0438.\n\n\u041f\u0435\u0440\u0432\u044b\u043c \u043e\u0431 \u044d\u0442\u043e\u043c \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Janggggg. \u041e\u043d \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u044d\u0442\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u043d\u0435\u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0438 \u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u043b\u0435\u0433\u043a\u043e \u043e\u0431\u043e\u0439\u0442\u0438, \u043d\u0435 \u043f\u0440\u0438\u043b\u0430\u0433\u0430\u044f \u043e\u0441\u043e\u0431\u044b\u0445 \u0443\u0441\u0438\u043b\u0438\u0439. \u041f\u043e\u0437\u0436\u0435 \u043a \u043d\u0435\u043c\u0443 \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0438\u043b\u0441\u044f \u0441\u0442\u0430\u0440\u0448\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432 ANALYGENCE \u0423\u0438\u043b\u043b \u0414\u043e\u0440\u043c\u0430\u043d\u043d. \u041f\u043e\u0441\u043b\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043e \u043d\u0435\u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043c\u0435\u0440 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u044f\u0432\u0438\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 ProxyNotShell \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b GTSC. 
\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 Microsoft \u043f\u043e \u044d\u0442\u0438\u043c \u0434\u0432\u0443\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u00a0\u043f\u0440\u0438\u043c\u0435\u043d\u0438\u043c\u044b \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c Exchange, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c Exchange Online, \u043f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430, \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u0442\u044c \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0443 \u043c\u043d\u043e\u0433\u0438\u0445 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u0430\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430, \u0438 \u0432\u00a0\u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0435\u043c \u0432\u0438\u0434\u0435\u043e\u00a0\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u041a\u0435\u0432\u0438\u043d \u0411\u043e\u043c\u043e\u043d\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u0430\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 Exchange \u0447\u0440\u0435\u0437\u0432\u044b\u0447\u0430\u0439\u043d\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u0432, \u0447\u0442\u043e \u0434\u043e \u0442\u0435\u0445 
\u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 Exchange Server, \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u043d\u0435 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043d\u044b, GitHub \u0437\u0430\u043f\u043e\u043b\u043e\u043d\u0438\u043b\u0438 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0435 PoC \u0434\u043b\u044f ProxyNotShell \u043f\u043e \u0446\u0435\u043d\u0435 \u0432 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u043e\u0442\u0435\u043d \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432. 
\u041f\u0440\u0430\u0432\u0434\u0430, \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0442\u043e\u0433\u043e \u0436\u0435 \u0411\u043e\u043c\u043e\u043d\u0442\u0430, \u0443 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u0435\u0439 \u0438\u043d\u0434\u0443\u0441\u0442\u0440\u0438\u0438 \u0438\u043d\u0444\u043e\u0441\u0435\u043a \u0432\u0441\u0435 \u0436\u0435 \u0435\u0441\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f, \u043e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043c\u0430\u0441\u0441\u043e\u0432\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0430 \u0434\u0430\u043d\u043d\u043e\u043c \u044d\u0442\u0430\u043f\u0435 \u043c\u0430\u043b\u043e\u0432\u0435\u0440\u043e\u044f\u0442\u043d\u0430, \u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043e\u0447\u0435\u043d\u044c \u0446\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u0438 \u0438\u043d\u0444\u043e\u0441\u0435\u043a-\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u0430 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u00a0\u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c 
\u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c,\u00a0\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e\u00a0\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f\u00a0\u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.", "creation_timestamp": "2022-10-04T17:28:01.000000Z"}, {"uuid": "6e6586f0-f9ef-4733-a76e-b7dc3b67127f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1261", "content": "\u200b\u200bCVE-2022-41040-metasploit-ProxyNotShell\n\nthe metasploit script(POC) about CVE-2022-41040. Microsoft Exchange are vulnerable to a server-side request forgery (SSRF) attack. An authenticated attacker can use the vulnerability to elevate privileges.\n\nhttps://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell", "creation_timestamp": "2022-10-20T17:20:10.000000Z"}, {"uuid": "51fa402f-4b21-49c2-ad8f-02efdffb682d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/25064", "content": "https://github.com/numanturle/CVE-2022-41040", "creation_timestamp": "2022-10-02T18:41:44.000000Z"}, {"uuid": "4ef9f270-6e2f-418e-92e5-a72150800881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/information_security_channel/48620", "content": "Mitigation for ProxyNotShell Exchange Vulnerabilities Easily 
Bypassed\nhttps://www.securityweek.com/mitigation-proxynotshell-exchange-vulnerabilities-easily-bypassed\n\nA mitigation proposed by Microsoft and others for the new Exchange Server zero-day vulnerabilities named ProxyNotShell can be easily bypassed, researchers warn.\nThe security holes, officially tracked as CVE-2022-41040 and CVE-2022-41082, can allow an attacker to remotely execute arbitrary code with elevated privileges.\nread more (https://www.securityweek.com/mitigation-proxynotshell-exchange-vulnerabilities-easily-bypassed)", "creation_timestamp": "2022-10-04T14:23:49.000000Z"}, {"uuid": "485a130a-253e-4509-926a-cd1169f47def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/thehackernews/2619", "content": "Microsoft confirms that 2 new zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) affecting Exchange Server 2013, 2016 and 2019 are being exploited in the wild to take over systems.\n\nRead: https://thehackernews.com/2022/09/microsoft-confirms-2-new-exchange-zero.html", "creation_timestamp": "2022-09-30T11:06:08.000000Z"}, {"uuid": "a6a12a5e-dc5f-4b01-ac9d-85788014f09b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/thehackernews/2650", "content": "Microsoft has released an improved mitigation method to prevent exploitation attempts against recently disclosed unpatched Exchange server vulnerabilities (CVE-2022-41040 and CVE-2022-41082).\n\nRead: https://thehackernews.com/2022/10/microsoft-issues-improved-mitigations.html", "creation_timestamp": "2022-10-08T07:36:47.000000Z"}, {"uuid": "8f284a89-b238-475c-b3a6-122cb2d697d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/xakep_ru/13024", "content": "Microsoft \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u043e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 ProxyNotShell\n\n\u0418\u043d\u0436\u0435\u043d\u0435\u0440\u044b Microsoft \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u043e\u0442 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Exchange (CVE-2022-41040 \u0438 CVE-2022-41082), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c ProxyNotShell. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0430\u0442\u0447\u0435\u0439 \u0434\u043b\u044f \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432\u0441\u0435 \u0435\u0449\u0435 \u043d\u0435\u0442, \u0430 \u0418\u0411-\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u0447\u0442\u043e \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0435 \u0437\u0430\u0449\u0438\u0442\u043d\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043c\u043e\u0436\u043d\u043e \u0431\u044b\u043b\u043e \u043b\u0435\u0433\u043a\u043e \u043e\u0431\u043e\u0439\u0442\u0438.\n\nhttps://xakep.ru/2022/10/06/proxynotshell-mitigation/", "creation_timestamp": "2022-10-06T13:37:37.000000Z"}, {"uuid": "fa48e12e-c33a-4d3d-95ca-341e33cae394", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2523", "content": "#CVE-2022\nA Zeek CVE-2022-24491 detector.\n\nhttps://github.com/corelight/CVE-2022-24491\n\n\nwriteup and PoC for (CVE-2022-41082/CVE-2022-41040) aka ProxyNotShell\nhttps://github.com/Adynervi/CVE-2022-41082-RCE-PoC\n\nPython Exploit for CVE-2022-0739\n\nhttps://github.com/BKreisel/CVE-2022-0739\n\n@BlueRedTeam", "creation_timestamp": "2022-12-14T08:46:29.000000Z"}, {"uuid": "abe8e8d2-f340-41e8-b96a-db8730753af5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2528", "content": "#CVE-2022\nwriteup and PoC for (CVE-2022-41082/CVE-2022-41040) aka ProxyNotShell\nhttps://github.com/Adynervi/CVE-2022-41082-RCE-PoC\n\n\nPython Exploit for CVE-2022-0739\nhttps://github.com/BKreisel/CVE-2022-0739\n\n\nAll details about CVE-2022-43097\n\nhttps://github.com/nibin-m/CVE-2022-43097\n\nCVE-2022-24112_POC\nhttps://github.com/Acczdy/CVE-2022-24112_POC\n\n@BlueRedTeam", "creation_timestamp": "2022-12-18T11:13:39.000000Z"}, {"uuid": "c5bda223-aa1a-45a6-be53-e43250a3009f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6581", "content": "mail.acronis.com is vulnerable to zero day vulnerability CVE-2022-41040\n\nhttps://hackerone.com/reports/1719719", "creation_timestamp": "2022-10-27T08:14:30.000000Z"}, {"uuid": "80aa1674-07a9-45c9-84d6-8476839c5ea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/7395", "content": "#Analytics\nTop 10 most exploited vulnerabilities in 2022\n\n1. CVE-2022-30190: MS Office \"Follina\"\n2. CVE-2021-44228: Apache Log4Shell\n3. CVE-2022-22965: Spring4Shell\n4. CVE-2022-1388: F5 BIG-IP\n5. CVE-2022-0609: Google Chrome 0-day\n6. CVE-2017-11882: MS Office RCE\n7. CVE-2022-41082, CVE-2022-41040: ProxyNotShell\n8. CVE-2022-27925, CVE-2022-41352: Zimbra Collaboration Suite bugs\n9. CVE-2022-26134: Atlassian Confluence RCE\n10. CVE-2022-30525: Zyxel RCE vulnerability", "creation_timestamp": "2024-10-11T03:03:25.000000Z"}, {"uuid": "42520988-75a2-41bb-8c8d-1d9ba9f03881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6952", "content": "#exploit\n1. CVE-2022-41040:\nSSRF in Microsoft Exchange Server\nhttps://github.com/kljunowsky/CVE-2022-41040-POC\n]-&gt; https://github.com/TaroballzChen/CVE-2022-41040-metasploit-ProxyNotShell\n\n2. 
CVE-2022-40684:\nCritical Authentication Bypass in FortiOS and FortiProxy\nhttps://github.com/horizon3ai/CVE-2022-40684", "creation_timestamp": "2025-01-17T05:54:36.000000Z"}, {"uuid": "6c588011-9d93-4f4c-8442-83b953f6c3cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "published-proof-of-concept", "source": "Telegram/C7iwmx_eFokPE00SVB2436VPb_V05wOtPI1YPd39rvPO6JA", "content": "", "creation_timestamp": "2022-12-20T15:12:58.000000Z"}, {"uuid": "06554710-d5cc-4594-b282-b1ca329a3e2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "exploited", "source": "https://t.me/LearnExploit/4335", "content": "CVE-2022-41040 and CVE-2022-41082 (A.K.A ProxyNotShell)\n\nGithub\n\n#POC #Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:37.000000Z"}, {"uuid": "6068fdef-6169-4cc5-b4a3-6a475593dbed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/LearnExploit/4351", "content": "1. Follina (CVE-2022-30190)\n\n2. Log4Shell (CVE-2021-44228)\n\n3. Spring4Shell (CVE-2022-22965)\n\n4. F5 BIG-IP (CVE-2022-1388)\n\n5. Google Chrome zero-day (CVE-2022-0609)\n\n6. Old but not forgotten - Microsoft Office bug (CVE-2017-11882)\n\n7. ProxyNotShell (CVE-2022-41082, CVE-2022-41040)\n\n8. Zimbra Collaboration Suite bugs (CVE-2022-27925, CVE-2022-41352)\n\n9. Atlassian Confluence RCE flaw (CVE-2022-26134)\n\n10. 
Zyxel RCE vulnerability (CVE-2022-30525)\n\n#Exploit \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:38.000000Z"}, {"uuid": "5c8851c4-aa9d-4768-ab5d-40a0399270bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41040", "type": "seen", "source": "https://t.me/secmedia/660", "content": "\u0417\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432 \u0432 \u043e\u0431\u043b\u0430\u0441\u0442\u0438 \u043f\u0440\u043e\u0434\u0430\u0436\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432. \u041c\u043e\u0448\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u043b\u0438 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 Github, \u0433\u0434\u0435 \u044f\u043a\u043e\u0431\u044b \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u043b\u0438 \u044d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Microsoft Exchange CVE-2022-41040 \u0438 CVE-2022-41082.", "creation_timestamp": "2022-10-04T14:10:44.000000Z"}]}