writeups.xyz / Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707)

Submitter : c2a

Date: 28 April 2023

Bounty : undisclosed

Vulnerabilities :

• RCE
• Insecure Deserialization

Programs :

• Microsoft (Exchange)

Authors :

• Nguyễn Tiến Giang (@Testanull)

Link :
https://starlabs.sg/blog/2023/04-microsoft-exchange-powershell-remoting-deserialization-leading-to-rce-cve-2023-21707/