cve/2021/CVE-2021-26857.md

### [CVE-2021-26857](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26857)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202010%20Service%20Pack%203&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2021&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2022&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2023&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Service%20Pack%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2010&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2011&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2012&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2013&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2014&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2015&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2017&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2018&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%202&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%203&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%204&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%205&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=14.0.0.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=15.00.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)

### Description

Microsoft Exchange Server Remote Code Execution Vulnerability

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/00011100/HAFHunt
- https://github.com/20142995/sectool
- https://github.com/34zY/APT-Backpack
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Ahsanzia/Exchange-Exploit
- https://github.com/Astrogeorgeonethree/Starred
- https://github.com/Astrogeorgeonethree/Starred2
- https://github.com/Atem1988/Starred
- https://github.com/BC-SECURITY/Moriarty
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/DCScoder/Exchange_IOC_Hunter
- https://github.com/GhostTroops/TOP
- https://github.com/Immersive-Labs-Sec/ProxyLogon
- https://github.com/JERRY123S/all-poc
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NTUTtopicBryan/NTUT_HomeWork
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0day
- https://github.com/SYRTI/POC_to_review
- https://github.com/Seeps/shellcollector
- https://github.com/SohelParashar/.Net-Deserialization-Cheat-Sheet
- https://github.com/SpearTip-Cyber-Counterintelligence/Zirconium
- https://github.com/WhooAmii/POC_to_review
- https://github.com/WiredPulse/Invoke-HAFNIUMCheck.ps1
- https://github.com/Yt1g3r/CVE-2021-26855_SSRF
- https://github.com/bhassani/Recent-CVE
- https://github.com/byinarie/Zirconium
- https://github.com/cert-lv/exchange_webshell_detection
- https://github.com/cryptolakk/ProxyLogon-Mass-RCE
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/cyware-labs/Operation-Exchange-Marauder
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/doris0213/Proxy-Logon
- https://github.com/herwonowr/exprolog
- https://github.com/hktalent/TOP
- https://github.com/huike007/penetration_poc
- https://github.com/jbmihoub/all-poc
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kh4sh3i/exchange-penetration-testing
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/manas3c/CVE-POC
- https://github.com/mysticwayfarer1/Exchange-HAFNIUM
- https://github.com/netlas-io/MsExchangeServerVersionCheck
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/sgnls/exchange-0days-202103
- https://github.com/sirpedrotavares/Proxylogon-exploit
- https://github.com/soosmile/POC
- https://github.com/soteria-security/HAFNIUM-IOC
- https://github.com/trhacknon/Pocingit
- https://github.com/vehemont/nvdlib
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2021-26857](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26857)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202010%20Service%20Pack%203&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2021&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2022&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2023&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Service%20Pack%201&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2010&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2011&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2012&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2013&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2014&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2015&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2016&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2017&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2018&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2019&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%209&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%201&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%202&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%203&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%204&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%205&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%206&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%207&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=14.0.0.0%3C%20publication%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=15.00.0%3C%20publication%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%20publication%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%20publication%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)`

			`### Description`

			`Microsoft Exchange Server Remote Code Execution Vulnerability`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/00011100/HAFHunt`
			`- https://github.com/20142995/sectool`
			`- https://github.com/34zY/APT-Backpack`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/Ahsanzia/Exchange-Exploit`
			`- https://github.com/Astrogeorgeonethree/Starred`
			`- https://github.com/Astrogeorgeonethree/Starred2`
			`- https://github.com/Atem1988/Starred`
			`- https://github.com/BC-SECURITY/Moriarty`
			`- https://github.com/CVEDB/PoC-List`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/CVEDB/top`
			`- https://github.com/DCScoder/Exchange_IOC_Hunter`
			`- https://github.com/GhostTroops/TOP`
			`- https://github.com/Immersive-Labs-Sec/ProxyLogon`
			`- https://github.com/JERRY123S/all-poc`
			`- https://github.com/Mr-xn/Penetration_Testing_POC`
			`- https://github.com/NTUTtopicBryan/NTUT_HomeWork`
			`- https://github.com/NaInSec/CVE-PoC-in-GitHub`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
			`- https://github.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0day`
			`- https://github.com/SYRTI/POC_to_review`
			`- https://github.com/Seeps/shellcollector`
			`- https://github.com/SohelParashar/.Net-Deserialization-Cheat-Sheet`
			`- https://github.com/SpearTip-Cyber-Counterintelligence/Zirconium`
			`- https://github.com/WhooAmii/POC_to_review`
			`- https://github.com/WiredPulse/Invoke-HAFNIUMCheck.ps1`
			`- https://github.com/Yt1g3r/CVE-2021-26855_SSRF`
			`- https://github.com/bhassani/Recent-CVE`
			`- https://github.com/byinarie/Zirconium`
			`- https://github.com/cert-lv/exchange_webshell_detection`
			`- https://github.com/cryptolakk/ProxyLogon-Mass-RCE`
			`- https://github.com/cyberanand1337x/bug-bounty-2022`
			`- https://github.com/cyware-labs/Operation-Exchange-Marauder`
			`- https://github.com/developer3000S/PoC-in-GitHub`
			`- https://github.com/doris0213/Proxy-Logon`
			`- https://github.com/herwonowr/exprolog`
			`- https://github.com/hktalent/TOP`
			`- https://github.com/huike007/penetration_poc`
			`- https://github.com/jbmihoub/all-poc`
			`- https://github.com/k0mi-tg/CVE-POC`
			`- https://github.com/kh4sh3i/exchange-penetration-testing`
			`- https://github.com/lions2012/Penetration_Testing_POC`
			`- https://github.com/manas3c/CVE-POC`
			`- https://github.com/mysticwayfarer1/Exchange-HAFNIUM`
			`- https://github.com/netlas-io/MsExchangeServerVersionCheck`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/sgnls/exchange-0days-202103`
			`- https://github.com/sirpedrotavares/Proxylogon-exploit`
			`- https://github.com/soosmile/POC`
			`- https://github.com/soteria-security/HAFNIUM-IOC`
			`- https://github.com/trhacknon/Pocingit`
			`- https://github.com/vehemont/nvdlib`
			`- https://github.com/weeka10/-hktalent-TOP`
			`- https://github.com/whoforget/CVE-POC`
			`- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-`
			`- https://github.com/xuetusummer/Penetration_Testing_POC`
			`- https://github.com/youwizard/CVE-POC`
			`- https://github.com/zecool/cve`