Exploit for Microsoft SharePoint Server 2016, 2019 - Unauthenticated Remote Code Execution (CVE-2024-38023)

Description:

CVE-2024-38023 is a remote code execution vulnerability in Microsoft SharePoint Server. An authenticated attacker with Site Owner permissions or higher could upload a specially crafted file to the targeted SharePoint Server and craft specialized API requests to trigger the deserialization of the file’s parameters. This would enable the attacker to execute code remotely in the SharePoint Server context.

Affected Products:

Proof of Concept

PoC exploit

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-38023
https://msrc.microsoft.com/update-guide/pt-br/vulnerability/CVE-2024-38023