Microsoft Exchange From Deserialization to Post-Auth RCE (CVE-2021-28482)

Database~eb60615b-fc77-44b7-b0e4-a7abf6f7f57e~~2021-05-20T01:48:22
Server~exchange.evil.corp~1942062522~2021-05-19T08:36:11
- AnonymousCalendarProxyRequestHandler
- ComplianceServiceProxyRequestHandler
- EwsAutodiscoverProxyRequestHandler
- MailboxDeliveryProxyRequestHandler
- MapiProxyRequestHandler
- MicroServiceProxyRequestHandler
- MrsProxyRequestHandler
- OabProxyRequestHandler
...
  • Microsoft.Exchange.Clients.Owa2.Server.Web.MeetingPollHandler
  • Microsoft.Exchange.HttpProxy.PsgwProxyRequestHandler
MeetingPollHandler.ProcessRequest() -> MeetingPollProposeOptionsPayload.ProcessRequest()
EntitySerializer.Deserialize<Dictionary<string, ProposeOptionsMeetingPollParameters>>(largeStringProperty);

Jang
