Source |
The Hacker News |
Identifiant |
7293804 |
Date de publication |
2022-10-04 13:35:00 (vue: 2022-10-04 09:07:14) |
Titre |
ProxyNotShell – the New Proxy Hell? |
Texte |
Nicknamed ProxyNotShell, a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery (SSRF) vulnerability CVE-2022-41040 and a second vulnerability, CVE-2022-41082 that allows Remote Code Execution (RCE) when PowerShell is available to unidentified attackers.
Based on ProxyShell, this new zero-day abuse risk leverage a chained attack similar to |
Envoyé |
Oui |
Condensat |
2022 41040 41082 abuse advantage allows attack attackers available based chained code cve day execution exploit forgery hell leverage microsoft new nicknamed powershell proxy proxynotshell proxyshell published rce recently remote request risk second server side similar ssrf takes unidentified used vulnerability when wild zero |
Tags |
Vulnerability
|
Stories |
|
Notes |
|
Move |
|