Exploit for #VU17622 Code Injection in Microsoft SharePoint Server and Microsoft SharePoint Foundation

Exploit for #VU17622 Code Injection in Microsoft SharePoint Server and Microsoft SharePoint Foundation

Published: 2020-03-18 | Updated: 2021-05-27

Vulnerability identifier: #VU17622

Vulnerability risk: High

CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2019-0604

CWE-ID: CWE-94

Exploitation vector: Network

Exploits in database: 4

May 27, 2021
- weaponized-0604 (Automated tool to exploit sharepoint CVE-2019-0604) [Github]
February 12, 2021
- weaponized-0604 (Automated tool to exploit sharepoint CVE-2019-0604) [Github]
March 26, 2020
- CVE-2019-0604 (详解 k8gege的SharePoint RCE exploit cve-2019-0604-exp.py的代码，动手制作自己的payload) [Github]
March 18, 2020
- CVE-2019-0604 (cve-2019-0604 SharePoint RCE exploit) [Github]

Impact: Code execution

Vulnerable software:
Microsoft SharePoint Server
Server applications / Application servers
Microsoft SharePoint Foundation
Server applications / Application servers

Vendor: Microsoft