CVE-2019-0604
CVE-2019-0604
In short
Microsoft SharePoint has a critical flaw that allows attackers to run malicious code remotely by uploading a specially crafted application package. The software doesn't properly verify the contents of the package before executing it.
Technical detail
A remote code execution vulnerability in Microsoft SharePoint stems from insufficient validation of application package source markup (CWE-20). An attacker can craft a malicious package and upload it to a vulnerable SharePoint instance; with appropriate permissions, the package is executed without proper source verification, leading to arbitrary code execution in the SharePoint context.
Summary generated and translated by AI from the official description.
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Microsoft · Microsoft SharePoint Enterprise ServerMicrosoft · Microsoft SharePoint FoundationMicrosoft · Microsoft SharePoint Serverpublic PoCs found — 8
githubgithub.com/linhlhq/CVE-2019-0604★ 132githubgithub.com/k8gege/CVE-2019-0604★ 100githubgithub.com/boxhg/CVE-2019-0604★ 30githubgithub.com/Gh0st0ne/weaponized-0604★ 8githubgithub.com/m5050/CVE-2019-0604★ 3githubgithub.com/likekabin/CVE-2019-0604_sharepoint_CVE★ 1githubgithub.com/davidlebr1/cve-2019-0604-SP2010-netv3.5★ 0exploitdbwww.exploit-db.com/exploits/48053unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →