CVE-2008-1547

NUCLEI

Microsoft Outlook Web Access <6.5.7638 - Open Redirect

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1547. PoCs published by Martin Suess. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates a URI-redirection vulnerability in Outlook Web Access (OWA) 6.5 SP 2, where unsanitized user input allows redirection to arbitrary URLs, aiding in phishing attacks.

Description

Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Martin Suess · textremotewindows

https://www.exploit-db.com/exploits/32489

View Code ZIP pw:eip

This exploit demonstrates a URI-redirection vulnerability in Outlook Web Access (OWA) 6.5 SP 2, where unsanitized user input allows redirection to arbitrary URLs, aiding in phishing attacks.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Outlook Web Access (OWA) 6.5 SP 2

No auth needed

Prerequisites: Access to the target OWA instance

MITRE ATT&CK

T1566.002 - Spearphishing Link

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Microsoft OWA Exchange Server 2003 - 'redir.asp' Open Redirection

MEDIUMby ctflearner

Shodan:

http.title:"Outlook" || http.favicon.hash:1768726119 || http.title:"outlook" || cpe:"cpe:2.3:a:microsoft:exchange_server"

FOFA: title="outlook" || icon_hash=1768726119