ProxyLogon file write — chained with CVE-2021-26855 for full unauthenticated RCE and webshell deployment. Mass-exploited by 10+ APT groups in 2021. Check for China Chopper and similar webshells in Exchange OWA directories.
Microsoft Exchange Server remote code execution vulnerability as part of the ProxyLogon chain allowing unauthenticated attackers to write files to arbitrary paths.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →