'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339978)

Rule General Information
Release Date: 2026-05-06
Rule Name: Microsoft Exchange Server ProxyLogon SSRF Vulnerability (CVE-2021-26855)
Severity:
CVE ID:
Rule Protection Details
Description: Microsoft Exchange Server is an email service program developed by Microsoft Corporation of the United States.It provides functions such as email access, storage, forwarding, voicemail, and email filtering.Microsoft Exchange Server contains a code vulnerability.Attackers can construct malicious HTTP requests and authenticate through Exchange Server,thereby scanning the internal network and obtaining sensitive user information.
Impact: Successful exploitation allows an attacker to perform SSRF attacks against internal Exchange services, which when chained with other ProxyLogon vulnerabilities can lead to remote code execution with SYSTEM privileges. This results in complete compromise of the Exchange server, unauthorized access to email data, and potential lateral movement to other systems in the network.
Affected OS: Windows
Reference: CVE-2021-26855
Solutions
Please refer to announcements or patches release by the vendor: https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-26855