Skip to content

pussycat0x/CVE-2021-26855-SSRF

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
 
 
 
 
 
 

Repository files navigation

CVE-2021-26855-SSRF-Poc

This script helps to identify CVE-2021-26855 ssrf Poc

Reference: https://proxylogon.com/

Script usage

python CVE-2021-26855.py -H target.com -B xxxxxxxxxxxxxxxxxx.burpcollaborator.net

PoC

If you are able to retrieve tokens through HTTPS request. then the target is vulnerable. otherwise, it will be a false positive. Check the following headers. X-SourceCafeServer: X-CommonAccessToken:

http request