Vulnerable Exchange Server Report

LAST UPDATED: 2021-05-16

This report contains a list of vulnerable Microsoft Exchange servers found through our daily IPv4 full Internet scans.

As of 2021-05-16 this scan contains information on services with the following remote code execution pre-authorization vulnerabilities:

The CVE-2021-26855 vulnerability assessment is made based on Microsoft’s http-vuln-cve2021-26855.nse nmap detection script.

For more information on CVE-2021-26855 scanning efforts, please read about our previous special reports.

For more information on our scanning efforts, check out our Internet scanning summary page.

Fields

  • timestamp
    Timestamp when the IP was seen in UTC+0
  • ip
    IP of the affected device
  • port
    Port response was received from
  • hostname
    Hostname of the affected device (may be from reverse DNS)
  • tag
    Array of tags. This would be exchange;cve-2021-26855
  • asn
    AS of the affected device
  • geo
    Country of the affected device
  • region
    Region of the affected device
  • city
    City of the affected device
  • naics
    North American Industry Classification System Code
  • sic
    Standard Industrial Classification System Code
  • sector
    Sector of the IP in question
  • version
    Exchange version detected
  • servername
    Exchange server name

Sample

"timestamp","ip","port","hostname","tag","asn","geo","region","city","naics","sic","sector","version","servername","url"
"2021-05-14 00:11:30","12.237.x,x",443,"afs-exch-cas2.xxx.com","exchange;cve-2021-26855",7018,"US","CALIFORNIA","TURLOCK",517311,,"Communications, Service Provider, and Hosting Service","15.2.721","AFS-EXCH2019",
"2021-05-14 00:11:37","98.153.x.x",443,"rrcs-98-153-x-x.west.biz.rr.com","exchange;cve-2021-26855",20001,"US","CALIFORNIA","LOS ANGELES",517311,,"Communications, Service Provider, and Hosting Service","15.0.847","SSAMAIL",
"2021-05-14 00:11:38","206.210.x.x",443,"webmail.xxx.com","exchange;cve-2021-26855",17054,"US","PENNSYLVANIA","PITTSBURGH",518210,,,"15.0.1178","OMNYXEXCH02",
"2021-05-14 00:11:38","12.33.x.x",443,"mail.xxx.org","exchange;cve-2021-26855",7018,"US","ARKANSAS","LITTLE ROCK",921120,,"Communications, Service Provider, and Hosting Service","15.1.2176","MHASVR02",
"2021-05-14 00:11:38","41.204.x.x",443,"mail.xxx.mg","exchange;cve-2021-26855",21042,"MG","ANTANANARIVO","ANTANANARIVO",,,,,"SABMHQE0232",
"2021-05-14 00:11:38","62.33.x.x",443,,"exchange;cve-2021-26855",20485,"RU","ALTAYSKIY KRAY","BARNAUL",,,,"15.2.659","PV-SRV04",
"2021-05-14 00:11:43","199.33.x.x",443,"mail.xxx.tv","exchange;cve-2021-26855",26481,"US","CALIFORNIA","LOS ANGELES",,,,"15.1.1779","MAIL",

Our 111 Report Types