CVE-2021-26855: ProxyLogon
What is ProxyLogon?
A server-side request forgery (SSRF) vulnerability in Microsoft Exchange Server that allows unauthenticated attackers to send arbitrary HTTP requests and authenticate as the Exchange server. Part of a chain enabling full server compromise.
Impact & Exploitation
Exploited by HAFNIUM (Chinese state actor) to compromise 250,000+ Exchange servers globally. Led to mass deployment of web shells for persistent access.
How Precogs AI Detects ProxyLogon
Precogs AI Binary DAST detects SSRF vulnerabilities in compiled web applications and identifies Exchange-style authentication bypass patterns during runtime testing.
Precogs Research
This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.