Exploit for #VU48886 Input validation error in Microsoft Exchange Server

Exploit for #VU48886 Input validation error in Microsoft Exchange Server

Published: 2020-12-11

Vulnerability identifier: #VU48886

Vulnerability risk: High

CVSSv3.1: 8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2020-17144

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 2

December 11, 2020
- CVE-2020-17144 (weaponized tool for CVE-2020-17144) [Github]
- CVE-2020-17144-EXP (Exchange2010 authorized RCE) [Github]

Impact: Code execution

Vulnerable software:
Microsoft Exchange Server
Server applications / Mail servers

Vendor: Microsoft