According to the Cybersecurity and Infrastructure Security Agency (CISA), malicious cyber actors are actively exploiting the following ProxyShell vulnerabilities: CVE-2021-3447, CVE-2021-3452, and CVE-2021-3120. An attacker exploiting these vulnerabilities could execute arbitrary code on a vulnerable machine.