Exploit for #VU17622 Code Injection in Microsoft SharePoint Server and Microsoft SharePoint Foundation

Cybersecurity Help s.r.o.

Published: 2020-03-18 | Updated: 2021-05-27

Vulnerability identifier: #VU17622

Vulnerability risk: High

CVSSv4.0: 9.4 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/U:Amber]

CVE-ID: CVE-2019-0604

CWE-ID: CWE-94

Exploitation vector: Network

Exploits in database: 4

May 27, 2021
- weaponized-0604 (Automated tool to exploit sharepoint CVE-2019-0604) [Github]
February 12, 2021
- weaponized-0604 (Automated tool to exploit sharepoint CVE-2019-0604) [Github]
March 26, 2020
- CVE-2019-0604 (详解 k8gege的SharePoint RCE exploit cve-2019-0604-exp.py的代码，动手制作自己的payload) [Github]
March 18, 2020
- CVE-2019-0604 (cve-2019-0604 SharePoint RCE exploit) [Github]

Vulnerable software:
Microsoft SharePoint Server
Server applications / Application servers
Microsoft SharePoint Foundation
Server applications / Application servers

Vendor: Microsoft