"Researchers Release Details of New RCE Exploit Chain for SharePoint"

The researchers who discovered two critical vulnerabilities in Microsoft SharePoint Server have disclosed details of an exploit they created that combines the vulnerabilities to enable Remote Code Execution (RCE) on impacted servers. Separately, another security researcher published proof-of-concept (POC) code for one of the SharePoint vulnerabilities on GitHub, demonstrating how an attacker could exploit the flaw to gain admin privileges on vulnerable systems. One of the vulnerabilities, tracked as CVE-2023-29357, is an elevation of privilege flaw in SharePoint Server 2019. It allows an unauthenticated attacker to bypass authentication checks and obtain admin privileges on an affected SharePoint server by using a spoofed JSON Web Token (JWT). This article continues to discuss the exploit developed to chain two critical vulnerabilities in Microsoft SharePoint Server. 

Dark Reading reports "Researchers Release Details of New RCE Exploit Chain for SharePoint"

Submitted by grigby1

Submitted by Gregory Rigby on