← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-41082 — Actively Exploited: Exchange Server (Microsoft)

Microsoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution.

CVE IDCVE-2022-41082
VendorMicrosoft
ProductExchange Server
Vulnerability nameMicrosoft Exchange Server Remote Code Execution Vulnerability
Date added2022-09-30
Remediation due2022-10-21
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionMicrosoft Exchange Server contains an unspecified vulnerability that allows for authenticated remote code execution. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41040 which allows for the remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →