This module first exploits a server side request forgery vulnerability present in Microsoft.Exchange.HttpProxy of Microsoft Exchange Server to bypass authentication. Then an arbitrary file write vulnerability present in WriteFileActivity of Microsoft.Exchange.Management.ControlPanel.DIService is used to deploy a .aspx file and execute commands. The deployed agent will run with the SYSTEM privileges.
An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
This module exploits a vulnerability in SaferVPN loading a malicious OpenSSL engine.
An elevation of privilege vulnerability exists in the way the Windows WalletService handles objects in memory.
An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system bypassing CVE-2020-1048.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system.
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system.
An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects.