Combining MS SharePoint Server flaws achieve Remote Code Execution
Take action: If you are behind on patching your Sharepoint Server, time to hustle. Because with a public PoC code of the exploit, it's just a matter of time before Sharepoint is attacked.
Microsoft SharePoint Server has fixed two critical vulnerabilities, CVE-2023-29357 and CVE-2023-24955 which, when combined enable threat actors to execute remote code on the server. These vulnerabilities were initially discovered during the Zero Day Initiative’s Pwn2Own contest held in March 2023. STAR Labs found and reported the vulnerabilities, earning a $100,000 reward.
A security researcher named Nguyễn Tiến Giang published a GitHub repository with a proof-of-concept (PoC) for an exploit chain. This exploit combines the two identified vulnerabilities, enabling successful remote command execution.
The combination of both vulnerabilities resulted in an unauthenticated Remote Code Execution (RCE) on the Microsoft SharePoint Server. A proof-of-concept video was shared to demonstrate the potential attack and exploitation.
|Atos Unify OpenScape reports maximum severity critical vulnerability|
|Zimbra XSS vulnerability exploited by hackers to to …|
|Atlassian Confluence Server critical flaw exploited by hackers|
|Apache Struts 2 fixes critical vulnerablity, upgrade ASAP|
|VMware reports public exploit of vRealize RCE vulnerability|