Rule Library

Sigma Rules

2 rules found for "CVE-2021-26858"

3,731Total

3,132Detection

457Emerging

139Hunting

Filters

Type

Severity

Status

Product

CVE-2021-26858 Exchange Exploitation

Detects possible successful exploitation for vulnerability described in CVE-2021-26858 by looking for creation of non-standard files on disk by Exchange Server’s Unified Messaging service which could indicate dropping web shells or other malicious content

WindowsFile Event

Bhabesh RajWed Mar 032021

Emerging Threatcriticaltest

ProxyLogon Reset Virtual Directories Based On IIS Log

When exploiting this vulnerability with CVE-2021-26858, an SSRF attack is used to manipulate virtual directories

Web Server Log

François HubautTue Aug 102021