With no time to waste, we’ve just launched a new scanner you can use to assess if the recent Server-Side Request Forgery (SSRF) vulnerability (CVE-2021-26855) impacts your Microsoft Exchange Servers: the ProxyLogon Scanner.
An unauthenticated remote attacker can exploit this high-risk vulnerability to force the Exchange service to perform arbitrary HTTPS requests. As a result, the attacker can read the emails of users configured on the Exchange Server.
When chained with another vulnerability (e.g. CVE-2021-27065, a post-authentication file write), it leads to unauthenticated RCE on the Exchange Server, impacting almost all versions exposed to the Internet.
Because this vulnerability is so widespread, cybercriminals are actively exploiting it, exposing thousands of companies worldwide.