logo

PoC Released for Microsoft Exchange EWS SSRF Flaw Targeting Internal Services

ID: 995fde96-b0f9-53bb-aefd-aa18d087b76b

STIX ID: report--995fde96-b0f9-53bb-aefd-aa18d087b76b

Feed Name: Cyber Press

Threat Score
70/100

Date Published: 2026-06-24

Date Updated: 2026-06-24

Author: Lucas Martin

...
...

A proof-of-concept exploit for CVE-2026-45502 (an SSRF in Microsoft Exchange EWS) was published, enabling authenticated attackers to force on-premises Exchange servers to make HTTP callbacks via a crafted InstallApp ManifestUrl; the report lists vulnerable Exchange builds, demonstrates callback confirmation to an attacker-controlled listener, outlines potential impacts (internal service and instance metadata access), and recommends applying Microsoft’s June 2026 patch (KB5094139) and auditing EWS InstallApp requests.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.