Exploit for #VU51171 Server-Side Request Forgery (SSRF) in Microsoft Exchange Server

Vulnerability identifier: #VU51171

Vulnerability risk: Critical

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2021-26855

CWE-ID: CWE-918

Exploitation vector: Network

Exploits in database: 44

• May 14, 2023
  • CVE-2021-26855 (CVE-2021-26855 exp) [Github]
• September 27, 2022
  • Scan-Vuln-CVE-2021-26855 () [Github]
• August 29, 2022
  • CVE-2021-26855-SSRF-Exchange (CVE-2021-26855 SSRF Exchange Server) [Github]
• June 27, 2022
  • ProxyLogon (ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)) [Github]
• June 26, 2022
  • ExchangeSmash (CVE-2021-26855) [Github]
• January 16, 2022
  • CVE-2021-26856 () [Github]
• November 3, 2021
  • CVE-2021-26855_SSRF (POC of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865, ProxyLogon poc) [Github]
• September 23, 2021
  • CVE-2021-26855-SSRF-Exchange (CVE-2021-26855 SSRF Exchange Server) [Github]
• September 14, 2021
  • CVE-2021-26855-d () [Github]
• September 12, 2021
  • ProxyVulns ([ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] CVE-2021-34473 & CVE-2021-34523 & CVE-2021-31207 Exploit Chains.) [Github]
• August 19, 2021
  • CVE_2021_26855_SSRF () [Github]
• August 18, 2021
  • ExchangeSSRFtoRCEExploit (CVE-2021-26855 & CVE-2021-27065) [Github]
• August 15, 2021
  • CVE-2021-26855 () [Github]
• July 14, 2021
  • CVE-2021-26855 (PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github) [Github]
• July 12, 2021
  • CVE-2021-26855 (PoC for CVE-2021-26855 -Just a checker-) [Github]
  • Microsoft_Exchange_Server_SSRF_CVE-2021-26855 (Microsoft Exchange Server SSRF漏洞(CVE-2021-26855)) [Github]
• June 17, 2021
  • Microsoft Exchange 2019 - Unauthenticated Email Download (Metasploit) [Exploit-DB]
• June 10, 2021
  • ProxyLogon (ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth [Github]
• June 6, 2021
  • exchange_proxylogon (Module pack for #ProxyLogon (part. of my contribute for Metasploit-Framework) [CVE-2021-26855 && CVE-2021-27065]) [Github]
  • SharpProxyLogon (C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode injection ) [Github]
• May 30, 2021
  • CVE-2021-26855-SSRF (This script helps to identify CVE-2021-26855 ssrf Poc) [Github]
• May 26, 2021
  • proxylogscan (A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).) [Github]
• May 24, 2021
  • CVE-2021-26855 (CVE-2021-26855 exp) [Github]
• May 20, 2021
  • Microsoft Exchange 2019 - Unauthenticated Email Download [Exploit-DB]
• May 18, 2021
  • Check_Emails_For_CVE_2021_26855 () [Github]
  • CVE-2021-26855_PoC () [Github]
• May 9, 2021
  • Microsoft Exchange ProxyLogon Collector [Metasploit]
  • Microsoft Exchange ProxyLogon Scanner [Metasploit]
  • Microsoft Exchange ProxyLogon RCE [Metasploit]
• April 16, 2021
  • ProxyLogon (CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit) [Github]
• April 6, 2021
  • eeb927d1189ad44742095f58636483984bfbfa355f69f94439e276df306d9568 (CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the E [Github]
  • CVE-2021-26855-exploit-Exchange () [Github]
• April 1, 2021
  • exprolog (ProxyLogon Full Exploit Chain PoC (CVE-2021–26855, CVE-2021–26857, CVE-2021–26858, CVE-2021–27065)) [Github]
• March 26, 2021
  • proxylogon-exploit (Proof-of-concept exploit for CVE-2021-26855 and CVE-2021-27065. Unauthenticated RCE in Exchange.) [Github]
  • []
• March 18, 2021
  • ProxyLogon (ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)) [Github]
  • ProxyLogon (Chaining CVE-2021-26855 and CVE-2021-26857 to exploit Microsoft Exchange) [Github]
  • ProxyLogon-CVE-2021-26855-metasploit (CVE-2021-26855 proxyLogon metasploit exploit script) [Github]
  • CVE-2021-26855_Exchange (Microsoft Exchange Proxylogon Exploit Chain EXP分析) [Github]
• March 15, 2021
  • ProxyLogon-CVE-2021-26855 (RCE exploit for ProxyLogon vulnerability in Microsoft Exchange) [Github]
• March 12, 2021
  • CVE_2021_26855_Exploit_Hub () [Github]
  • CVE-2021-26855-PoC (PoC exploit code for CVE-2021-26855) [Github]
  • CVE-2021-26855 ( CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server.) [Github]
• March 11, 2021
  • RCE in Microsoft Exchange (CVE-2021-26855) [Custom exploits]

Vulnerable software:
Microsoft Exchange Server
Server applications / Mail servers

Vendor: Microsoft