← back
CVE-2021-29416

CVE-2021-29416

EPSS 1.1%
An issue was discovered in PortSwigger Burp Suite before 2021.2. During viewing of a malicious request, it can be manipulated into issuing a request that does not respect its upstream proxy configuration. This could leak NetNTLM hashes on Windows systems that fail to block outbound SMB.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://hackerone.com/reports/1054382https://portswigger.net/burp/releases/professional-community-2020-12?requestededition=professional