EIP-2026-119403

PRE-CVE

Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119403. PoCs published by Nate Power.

AI-analyzed exploit summary This Metasploit auxiliary module scans Microsoft Exchange servers for internal IP address disclosure via HTTP headers in responses from specific paths. It checks for 401 Unauthorized responses with WWW-Authenticate headers or 3xx redirects containing internal IP addresses.

Description

Microsoft Exchange - IIS HTTP Internal IP Address Disclosure (Metasploit)

Exploits (1)

exploitdb SCANNER

by Nate Power · rubywebappswindows

https://www.exploit-db.com/exploits/34817

View Code ZIP pw:eip

This Metasploit auxiliary module scans Microsoft Exchange servers for internal IP address disclosure via HTTP headers in responses from specific paths. It checks for 401 Unauthorized responses with WWW-Authenticate headers or 3xx redirects containing internal IP addresses.

Classification

Scanner 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Exchange OWA 2003, Exchange CAS 2007/2010/2013

No auth needed

Prerequisites: Network access to the target Exchange server · SSL/TLS connectivity to port 443

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026