ProxyNotShell Zero-Day Mitigations Can Be Bypassed [CVE-2022-41040]
Two new zero-day vulnerabilities in Microsoft Exchange were recently reported by Microsoft and GTSC researchers. The two vulnerabilities, identified as CVE-2022-41040 and CVE-2022-41082, are known collectively as the ProxyNotShell exploit. CVE-2022-41040 is a server-side request forgery issue which can be…