Cutting Through the Noise: Security Insights by Zach Hanley

In August, Orange Tsai released details and also spoke at BlackHat and DEFCON detailing his security research into Microsoft Exchange. His latest blog post details a series of vulnerabilities dubbed ProxyShell. ProxyShell is a chain of three vulnerabilities: CVE-2021-34473 - Pre-auth Path Confusion leads to ACL Bypass CVE-2021-34523 - Elevation of Privilege on Exchange PowerShell Backend CVE-2021-31207 - Post-auth Arbitrary-File-Write leads to…

Write the file supplied in the --file argument to the location specified in the --path argument. The file will be written in the context of the vsphere-ui user. If the target is vulnerable, but the exploit fails, it is likely that the vsphere-ui user does not have permissions to write to the specified path.