Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-24955

Published: 09/05/2023 Updated: 27/03/2024
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Sharepoint Enterprise Server

Vulnerability Summary

This vulnerability allows remote malicious users to execute arbitrary code on affected installations of Microsoft SharePoint. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the GenerateProxyAssembly method. The issue results from the lack of proper validation of a user-supplied string before using it to execute C# code. An attacker can leverage this vulnerability to execute code in the context of SharePoint farm service account.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft sharepoint enterprise server 2016

microsoft sharepoint server 2019

microsoft sharepoint server -

Vendor Advisories

Check Point Security Alerts: Microsoft SharePoint Remote Code Execution (CVE-2023-24955)
Check Point Reference: CPAI-2023-1367 Date Published: 11 Dec 2023 Severity: High ...

Exploits

Exploit DB: Sharepoint Dynamic Proxy Generator Remote Command Execution
This Metasploit module exploits two vulnerabilities in Sharepoint 2019 - an authentication bypass as noted in CVE-2023-29357 which was patched in June of 2023 and CVE-2023-24955 which was a remote command execution vulnerability patched in May of 2023 The authentication bypass allows attackers to impersonate the Sharepoint Admin user This vulnera ...

Github Repositories

https://github.com/Chocapikk/CVE-2023-29357

Microsoft SharePoint Server Elevation of Privilege Vulnerability

πŸ›‘ Microsoft SharePoint: CVE-2023-29357 πŸ›‘ Microsoft SharePoint Server Elevation of Privilege Vulnerability πŸ“Œ Summary: This script exploits a vulnerability (CVE-2023-29357) in Microsoft SharePoint Server allowing remote attackers to escalate privileges on affected installations of Microsoft SharePoint Server While this script focuses on elevation of privilege, attackers

https://github.com/LuemmelSec/CVE-2023-29357

Recreation of the SharePoint PoC for CVE-2023-29357 in C# with lots of help from ChatGPT Build with Net Version 472 in Visual Studio 2017 Use NuGet Package manager to install any missing packages Yara rules for detection below Usage: CVE-2023-29357exe http(s)://yoursharepointlol [-v] Huge shoutout to: Jang for being very supportive

https://github.com/AndreOve/CVE-2023-24955-real-RCE

RCE exploit for Microsoft SharePoint 2019

CVE-2023-24955-real-RCE RCE exploit for Microsoft SharePoint 2019

https://github.com/former-farmer/CVE-2023-24955-PoC

Exploit for Microsoft SharePoint 2019

CVE-2023-24955-PoC Exploit for Microsoft SharePoint 2019 An exploit published for a vulnerability named CVE-2023-24955 I saw the code and There was some bug in the resolveTargetInfo() and getOAuthInfo() Then I fixed it and it's for u now ❗❗❗❗❗❗ Remember that you should run it with Python2 (I tried python27)❗❗❗❗❗❗ Like python27 CVE-2023-24955p

Recent Articles

CISA tags Microsoft SharePoint RCE bug as actively exploited
BleepingComputer β€’ Sergiu Gatlan β€’ 27 Mar 2024

CISA tags Microsoft SharePoint RCE bug as actively exploited By Sergiu Gatlan March 27, 2024 12:24 PM 0 CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks. Tracked as CVE-2023-24955, this SharePoint Server vulnerability enables authenticated attackers with Site Owner privileges to execute code remotely on vulnerable servers. The second flaw (...

Read more...
Exploit for under-siege SharePoint vuln reportedly in hands of ransomware crew
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources It’s taken months for crims to hack together a working exploit chain

Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerability that was this week added to the US's must-patch list. Without specifically identifying the gang, researcher Kevin Beaumont said that at least one ransomware group has a working exploit for the critical vulnerability, which can potentially achieve remote code execution (RCE) although the US Cybersecurity and Infrastructure Security Agency (CISA...

Read more...

References

NVD-CWE-noinfohttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24955https://nvd.nist.govhttps://www.theregister.co.uk/2024/01/12/microsoft_sharepoint_vuln_exploit/https://github.com/Chocapikk/CVE-2023-29357https://www.zerodayinitiative.com/advisories/ZDI-23-883/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook