■■■■□ PT Swarm team has reproduced an Arbitrary File Read for an internal site of Skype for Business / MS Lync.
CVE: CVE-2022-26911
Subdomains: dialin, meet, lyncdiscover, sip, …
Original advisory: https://t.co/WaYc1zs9Hh
The PoC
https://twitter.com/ptswarm/status/1549744638193541122
https://t.me/cKure/11650