David chismon

David Chismon
7 Oct 2016

Accessing Internal Fileshares through Exchange ActiveSync

Exchange ActiveSync (EAS) can be exploited to access internal Windows file shares using only user mailbox credentials. The vulnerability was confirmed in Exchange 2013 and 2016 with near-default configurations. Attackers can list file share contents and download files by using specific EAS commands, potentially bypassing traditional access controls.