GobyVuls/CVE-2021-26857\CVE-2021-26858.md

Microsoft Exchange Server Remote Command Execution Vulnerability (CVE-2021-26857/CVE-2021-26858)

Vulnerability	Microsoft Exchange Server Remote Command Execution Vulnerability (CVE-2021-26857/CVE-2021-26858)
Chinese name	Microsoft Exchange Server 远程命令执行漏洞（CVE-2021-26857/CVE-2021-26858）
CVSS core	7.8
FOFA Query (click to view the results directly)	banner="Microsoft ESMTP MAIL Service" || banner="Microsoft Exchange Server" || banner="Microsoft Exchange Internet Mail Service" || banner="Microsoft SMTP MAIL" || banner="Microsoft Exchange" || (banner="owa" && banner="Location" && cert!="Technicolor") || banner="Set-Cookie: OutlookSession" || (((header="owa" && (header="Location" || header="X-Owa-Version" || header="Set-Cookie: OWA-COOKIE")) || (body="href=\"/owa/auth/" && (title="Outlook" || title="Exchange " || body="var a_sLgn" || body="aria-label=\"Outlook Web App\" class=\"signInImageHeader"))) && header!="WordPress" && body!="wp-content" && body!="wp-includes") || body="<!-- owapage = ASP.auth_logon_aspx" || header="x-owa-version" || body="window.location.replace(\"/owa/\" + window.location.hash);</script></head><body></body>" || body="<meta http-equiv=\"Refresh\" contect=\"0;url=/owa\">" || body="themes/resources/segoeui-semibold.ttf" || title=="Microsoft Outlook Web Access" || body="aria-label=\"Outlook Web App" || title="Outlook Web Access" || header="OutlookSession" || (body=".mouse .owaLogoContainer, .twide .owaLogoContainer" && body="owaLogoContainer") || (body="<div class=\"signInHeader\">Outlook</div>" && body="/owa/") || (body="owapage = ASP.auth_logon_aspx" && body="/owa/" && (body="showPasswordCheck" || body="Outlook")) || (title="Outlook Web App" && body="Microsoft Corporation") || header="realm=\"Outlook Web App" || ((body="使用 Outlook Web App " || body=" use Outlook Web App") && body="Microsoft Corporation")
Number of assets affected	2198588
Description	Microsoft Exchange Server is a suite of e-mail services programs from Microsoft Corporation of the United States. It provides mail access, storage, forwarding, voicemail, email filtering and filtering functions. Microsoft Exchange Server has a remote command execution vulnerability. Attackers can use this vulnerability to arbitrarily execute code on the server side, write backdoors, obtain server permissions, and then control the entire web server.
Impact	Microsoft Exchange Server has a remote code execution vulnerability. Attackers can use this vulnerability to arbitrarily execute code on the server side, write backdoors, obtain server permissions, and then control the entire web server.