Tens of thousands of Microsoft Exchange servers(opens in new tab) are still vulnerable to a high-severity flaw used in ProxyNotShell exploits, researchers have warned.
Cybersecurity researchers Shadowserver Foundation said almost 70,000 IPs were vulnerable to CVE-2022-41082, a remote code execution (RCE) vulnerability patched in early November last year.
At press time, Shadowserver’s data are showing at least 57,000 vulnerable IPs, although the information comes with a disclaimer that results were “calculated by summing counts of unique IPs, which means that a “unique” IP may have been counted more than once”.