
Hello Friends,

This is my first writeup, on how I was able to find and exploit CVE-2022-21500 and get all the employee data of a company.

Let’s start the hacking!

1- In the Shodan search engine I was searching for the IPs of a company:
hostname:

During my search I found an interesting IP which belongs to target.com.

2- Then I passed this IP to Nuclei to discover the vulnerabilities.
nuclei -u https://

3- Nuclei detected:

[CVE-2022-21500] [http] [high] https:///OA_HTML/ibeCAcpSSOReg.jsp

I searched the internet for CVE-2022-21500: what is it, and how is it exploited?

And here is the exploit process which allowed me to access all the employees’ data.

1- Pasted this URL in the browser: https:///OA_HTML/ibeCAcpSSOReg.jsp

Clicked on Register as individual.

Filled in the required details with my Gmail account and submitted.

2- After the submission, I immediately got the confirmation email with the login credentials.

Logged in with the credentials and accessed the internal portal successfully.

3- Clicked on the Setting icon > Managed Proxies

4- Clicked Run Proxy Report.

5- In the Username box: typed any letter like a, b, c ... z.

6- Changed the existing date and clicked on the search icon in the Username box.

7- Then I immediately got all the employees’ details. Also, when I changed the letters to b, c, ... z, all the details were exposed.

After seeing this data, I was completely surprised!

Status: Duplicate
