更新公告:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16875
微软公告说的很明显,只需要一个Exchange用户账号。就能在Exchange服务器上执行任意命令。
https://srcincite.io/pocs/cve-2020-16875.py.txt
https://srcincite.io/pocs/cve-2020-16875.ps1.txt
researcher@incite:~$ ./poc.py |
FROM :ol4three.com | Author:ol4three
- 左青龙
- 微信扫一扫
- 右白虎
- 微信扫一扫
评论