Blog

What is the issue? In January 2021, Volexity uncovered a Server Side Request Forgery (SSRF) Zero-Day in Microsoft Exchange Server (CVE-2021-26855) when it was exploited on one of their servers. The pre-authentication vulnerability is severe, allowing attackers to dump mailbox content, and later investigation found that attackers were further chaining the SSRF vulnerability with an […]