One Day Sec

What vulnerability and fix are associated with this remote Exchange PowerShell technique?

The technique was fixed in CVE-2022-41040, which patched the `RemoveExplicitLogonFromUrlAbsoluteUri` method in Exchange's `Microsoft.Exchange.HttpProxy.Common.dll`. This patch prevents the NTLM-authenticated remote PowerShell access described in the article. The underlying issue is related to NTLM over HTTP and ProxyShell’s SSRF bypasses.
CVE-2022-41040, RemoveExplicitLogonFromUrlAbsoluteUri, NTLM, HTTP proxy, Exchange Server
