Finding exposed OWA servers vulnerable to proxyshell

A new set of critical vulnerabilities popped-up at this year’s BlackHat edition regarding Microsoft Exchange exploitable via Outlook Web Access. This set of vulnerabilities has been dubbed #proxyshell (aka CVE-2021-34473). GossiTheDog has made available an Nmap script to test for this issue. We have added our own check based on his tool so our customers …