Copy
View this email in your browser
Dear <<First Name>>,

With no time to waste, we’ve just launched a new scanner you can use to assess if the recent Server-Side Request Forgery (SSRF) vulnerability (CVE-2021-26855) impacts your Microsoft Exchange Servers: the ProxyLogon Scanner.
An unauthenticated remote attacker can exploit this high-risk vulnerability to force the Exchange service to perform arbitrary HTTPS requests. As a result, the malicious actor can read users’ emails configured on the Exchange Server.   
When chained with another vulnerability (e.g. CVE-2021-27065, post-authentication file write), it leads to unauthenticated RCE on the Exchange Server, impacting almost all versions exposed to the Internet. 
This being a widespread vulnerability, cybercriminals are actively attacking it, exposing thousands of companies worldwide.
 
Scan your Exchange Server now

   Here’s a sample report of the ProxyLogon Scanner results:

Microsoft already released security updates for this vulnerability and we strongly recommend applying the patches immediately.

If you can’t update right away, assume you’ve already been breached and take all necessary measures. This CISA advisory provides helpful indicators of compromise.

To make the most of your resources, use our ProxyLogon Scanner to check for vulnerable Microsoft Exchange Servers and prioritize patching.

Besides detection, you can also expedite your work by getting a full report packed with vulnerability and risk information, ready-to-use remediation advice, and more.

Try the ProxyLogon Scanner

Here’s to hoping your targets stay safe!
The Pentest-Tools.com team

Let's stay in touch!
Twitter
LinkedIn
Copyright © 2020 PentestTools SRL, All rights reserved.
You are receiving this email because you opted in at our website or used Pentest-Tools.com in the past.

Our mailing address is:
PentestTools SRL
Caderea Bastiliei 64, 1st Floor
Bucharest, Romania EU

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.