E23-eq6o1
CVSS:
8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
10
Year:
2022
Description
This strike exploits a server-side request forgery vulnerability in Microsoft Exchange Server. The vulnerability is due to insufficient handling of requests to the autodiscover component of Exchange.
An authenticated, remote attacker can exploit this vulnerability by sending a crafted request to the vulnerable Exchange server. Successful exploitation results in requests being made to backend servers.
*NOTE: This strike sends a request to /mapi/nspi/ or ews/exchange.asmx which are inaccessible by default.
In one-arm mode we use the authorization Administrator:Password1
CVE
References
https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend