PoC Released for Microsoft Exchange EWS SSRF Flaw Targeting Internal Services
ID: 995fde96-b0f9-53bb-aefd-aa18d087b76b
STIX ID: report--995fde96-b0f9-53bb-aefd-aa18d087b76b
Feed Name: Cyber Press
A proof-of-concept exploit for CVE-2026-45502 (an SSRF in Microsoft Exchange EWS) was published, enabling authenticated attackers to force on-premises Exchange servers to make HTTP callbacks via a crafted InstallApp ManifestUrl; the report lists vulnerable Exchange builds, demonstrates callback confirmation to an attacker-controlled listener, outlines potential impacts (internal service and instance metadata access), and recommends applying Microsoft’s June 2026 patch (KB5094139) and auditing EWS InstallApp requests.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
