cve/2021/CVE-2021-27065.md

### [CVE-2021-27065](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27065)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2021&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2022&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2023&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Service%20Pack%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2010&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2011&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2012&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2013&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2014&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2015&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2017&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2018&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%202&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%203&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%204&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%205&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=15.00.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%20publication%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)

### Description

Microsoft Exchange Server Remote Code Execution Vulnerability

### POC

#### Reference
- http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html

#### Github
- https://github.com/00011100/HAFHunt
- https://github.com/0day404/vulnerability-poc
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Ahsanzia/Exchange-Exploit
- https://github.com/ArrestX/--POC
- https://github.com/Astrogeorgeonethree/Starred
- https://github.com/Astrogeorgeonethree/Starred2
- https://github.com/Atem1988/Starred
- https://github.com/BC-SECURITY/Moriarty
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/DCScoder/Exchange_IOC_Hunter
- https://github.com/FDlucifer/Proxy-Attackchain
- https://github.com/GhostTroops/TOP
- https://github.com/HackingCost/AD_Pentest
- https://github.com/HimmelAward/Goby_POC
- https://github.com/JERRY123S/all-poc
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NTUTtopicBryan/NTUT_HomeWork
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Nick-Yin12/106362522
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PEASEC/msexchange-server-cti-dataset
- https://github.com/RickGeex/ProxyLogon
- https://github.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0day
- https://github.com/SYRTI/POC_to_review
- https://github.com/Seeps/shellcollector
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Udyz/Proxylogon
- https://github.com/WhooAmii/POC_to_review
- https://github.com/Z0fhack/Goby_POC
- https://github.com/ZephrFish/Exch-CVE-2021-26855
- https://github.com/ZephrFish/Exch-CVE-2021-26855_Priv
- https://github.com/adamrpostjr/cve-2021-27065
- https://github.com/adarshpv9746/Microsoft-Proxylogon
- https://github.com/anquanscan/sec-tools
- https://github.com/bhassani/Recent-CVE
- https://github.com/boson87225/111
- https://github.com/byinarie/Zirconium
- https://github.com/catmandx/CVE-2021-26855-Exchange-RCE
- https://github.com/cert-lv/exchange_webshell_detection
- https://github.com/charlottelatest/CVE-2021-26855
- https://github.com/cryptolakk/ProxyLogon-Mass-RCE
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/cyware-labs/Operation-Exchange-Marauder
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/doris0213/Proxy-Logon
- https://github.com/dwisiswant0/proxylogscan
- https://github.com/evilashz/ExchangeSSRFtoRCEExploit
- https://github.com/gobysec/Goby
- https://github.com/h4x0r-dz/CVE-2021-26855
- https://github.com/hackerxj007/CVE-2021-26855
- https://github.com/heikanet/Microsoft-Exchange-RCE
- https://github.com/helsecert/2021-march-exchange
- https://github.com/herwonowr/exprolog
- https://github.com/hictf/CVE-2021-26855-CVE-2021-27065
- https://github.com/hktalent/TOP
- https://github.com/hosch3n/ProxyVulns
- https://github.com/huike007/penetration_poc
- https://github.com/jbmihoub/all-poc
- https://github.com/just0rg/Security-Interview
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kh4sh3i/ProxyLogon
- https://github.com/kh4sh3i/exchange-penetration-testing
- https://github.com/l3shyyy/ProxyLogon-Useful-PowershellScripts
- https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/manas3c/CVE-POC
- https://github.com/mekhalleh/exchange_proxylogon
- https://github.com/mysticwayfarer1/Exchange-HAFNIUM
- https://github.com/naufalqwe/proxylogscan-master
- https://github.com/netlas-io/MsExchangeServerVersionCheck
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/p0wershe11/ProxyLogon
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list
- https://github.com/praetorian-inc/proxylogon-exploit
- https://github.com/r0ckysec/CVE-2021-26855_Exchange
- https://github.com/raheel0x01/CVE-2021-26855
- https://github.com/retr0-13/proxy_Attackchain
- https://github.com/s-ribeiro/Modsecurity-Rules
- https://github.com/seanjosee/NTUT_HOMEWORK
- https://github.com/sgnls/exchange-0days-202103
- https://github.com/soosmile/POC
- https://github.com/srvaccount/CVE-2021-26855-PoC
- https://github.com/ssrsec/Microsoft-Exchange-RCE
- https://github.com/superfish9/pt
- https://github.com/trhacknon/Pocingit
- https://github.com/vehemont/nvdlib
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zainimran/Capstone-MISP-Module
- https://github.com/zecool/cve
- https://github.com/zhzyker/vulmap
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2021-27065](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27065)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2021&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2022&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Cumulative%20Update%2023&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202013%20Service%20Pack%201&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2010&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2011&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2012&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2013&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2014&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2015&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2016&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2017&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2018&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%2019&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202016%20Cumulative%20Update%209&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%201&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%202&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%203&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%204&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%205&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%206&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%207&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019%20Cumulative%20Update%208&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Exchange%20Server%202019&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=15.00.0%3C%20publication%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=15.01.0%3C%20publication%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=15.02.0%3C%20publication%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)`

			`### Description`

			`Microsoft Exchange Server Remote Code Execution Vulnerability`

			`### POC`

			`#### Reference`
			`- http://packetstormsecurity.com/files/161938/Microsoft-Exchange-ProxyLogon-Remote-Code-Execution.html`
			`- http://packetstormsecurity.com/files/162736/Microsoft-Exchange-ProxyLogon-Collector.html`

			`#### Github`
			`- https://github.com/00011100/HAFHunt`
			`- https://github.com/0day404/vulnerability-poc`
			`- https://github.com/20142995/sectool`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/Ahsanzia/Exchange-Exploit`
			`- https://github.com/ArrestX/--POC`
			`- https://github.com/Astrogeorgeonethree/Starred`
			`- https://github.com/Astrogeorgeonethree/Starred2`
			`- https://github.com/Atem1988/Starred`
			`- https://github.com/BC-SECURITY/Moriarty`
			`- https://github.com/CVEDB/PoC-List`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/CVEDB/top`
			`- https://github.com/DCScoder/Exchange_IOC_Hunter`
			`- https://github.com/FDlucifer/Proxy-Attackchain`
			`- https://github.com/GhostTroops/TOP`
			`- https://github.com/HackingCost/AD_Pentest`
			`- https://github.com/HimmelAward/Goby_POC`
			`- https://github.com/JERRY123S/all-poc`
			`- https://github.com/KayCHENvip/vulnerability-poc`
			`- https://github.com/Miraitowa70/POC-Notes`
			`- https://github.com/Mr-xn/Penetration_Testing_POC`
			`- https://github.com/NTUTtopicBryan/NTUT_HomeWork`
			`- https://github.com/NaInSec/CVE-PoC-in-GitHub`
			`- https://github.com/Nick-Yin12/106362522`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
			`- https://github.com/PEASEC/msexchange-server-cti-dataset`
			`- https://github.com/RickGeex/ProxyLogon`
			`- https://github.com/SCS-Labs/HAFNIUM-Microsoft-Exchange-0day`
			`- https://github.com/SYRTI/POC_to_review`
			`- https://github.com/Seeps/shellcollector`
			`- https://github.com/SexyBeast233/SecBooks`
			`- https://github.com/Threekiii/Awesome-POC`
			`- https://github.com/Udyz/Proxylogon`
			`- https://github.com/WhooAmii/POC_to_review`
			`- https://github.com/Z0fhack/Goby_POC`
			`- https://github.com/ZephrFish/Exch-CVE-2021-26855`
			`- https://github.com/ZephrFish/Exch-CVE-2021-26855_Priv`
			`- https://github.com/adamrpostjr/cve-2021-27065`
			`- https://github.com/adarshpv9746/Microsoft-Proxylogon`
			`- https://github.com/anquanscan/sec-tools`
			`- https://github.com/bhassani/Recent-CVE`
			`- https://github.com/boson87225/111`
			`- https://github.com/byinarie/Zirconium`
			`- https://github.com/catmandx/CVE-2021-26855-Exchange-RCE`
			`- https://github.com/cert-lv/exchange_webshell_detection`
			`- https://github.com/charlottelatest/CVE-2021-26855`
			`- https://github.com/cryptolakk/ProxyLogon-Mass-RCE`
			`- https://github.com/cyberanand1337x/bug-bounty-2022`
			`- https://github.com/cyware-labs/Operation-Exchange-Marauder`
			`- https://github.com/d4n-sec/d4n-sec.github.io`
			`- https://github.com/developer3000S/PoC-in-GitHub`
			`- https://github.com/doris0213/Proxy-Logon`
			`- https://github.com/dwisiswant0/proxylogscan`
			`- https://github.com/evilashz/ExchangeSSRFtoRCEExploit`
			`- https://github.com/gobysec/Goby`
			`- https://github.com/h4x0r-dz/CVE-2021-26855`
			`- https://github.com/hackerxj007/CVE-2021-26855`
			`- https://github.com/heikanet/Microsoft-Exchange-RCE`
			`- https://github.com/helsecert/2021-march-exchange`
			`- https://github.com/herwonowr/exprolog`
			`- https://github.com/hictf/CVE-2021-26855-CVE-2021-27065`
			`- https://github.com/hktalent/TOP`
			`- https://github.com/hosch3n/ProxyVulns`
			`- https://github.com/huike007/penetration_poc`
			`- https://github.com/jbmihoub/all-poc`
			`- https://github.com/just0rg/Security-Interview`
			`- https://github.com/k0mi-tg/CVE-POC`
			`- https://github.com/kh4sh3i/ProxyLogon`
			`- https://github.com/kh4sh3i/exchange-penetration-testing`
			`- https://github.com/l3shyyy/ProxyLogon-Useful-PowershellScripts`
			`- https://github.com/laoqin1234/https-github.com-HackingCost-AD_Pentest`
			`- https://github.com/lions2012/Penetration_Testing_POC`
			`- https://github.com/manas3c/CVE-POC`
			`- https://github.com/mekhalleh/exchange_proxylogon`
			`- https://github.com/mysticwayfarer1/Exchange-HAFNIUM`
			`- https://github.com/naufalqwe/proxylogscan-master`
			`- https://github.com/netlas-io/MsExchangeServerVersionCheck`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/p0wershe11/ProxyLogon`
			`- https://github.com/pen4uin/awesome-vulnerability-research`
			`- https://github.com/pen4uin/vulnerability-research`
			`- https://github.com/pen4uin/vulnerability-research-list`
			`- https://github.com/praetorian-inc/proxylogon-exploit`
			`- https://github.com/r0ckysec/CVE-2021-26855_Exchange`
			`- https://github.com/raheel0x01/CVE-2021-26855`
			`- https://github.com/retr0-13/proxy_Attackchain`
			`- https://github.com/s-ribeiro/Modsecurity-Rules`
			`- https://github.com/seanjosee/NTUT_HOMEWORK`
			`- https://github.com/sgnls/exchange-0days-202103`
			`- https://github.com/soosmile/POC`
			`- https://github.com/srvaccount/CVE-2021-26855-PoC`
			`- https://github.com/ssrsec/Microsoft-Exchange-RCE`
			`- https://github.com/superfish9/pt`
			`- https://github.com/trhacknon/Pocingit`
			`- https://github.com/vehemont/nvdlib`
			`- https://github.com/weeka10/-hktalent-TOP`
			`- https://github.com/whoforget/CVE-POC`
			`- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-`
			`- https://github.com/xuetusummer/Penetration_Testing_POC`
			`- https://github.com/youwizard/CVE-POC`
			`- https://github.com/zainimran/Capstone-MISP-Module`
			`- https://github.com/zecool/cve`
			`- https://github.com/zhzyker/vulmap`