Lucene search
K

17 matches found

HackRead
HackRead
added 2024/03/28 5:24 p.m.44 views

CISA Urges Patching Microsoft SharePoint Vulnerability (CVE-2023-24955)

By Deeba Ahmed Critical Microsoft SharePoint Flaw Exploited: Patch Now, CISA Urges! This is a post from HackRead.com Read the original post: CISA Urges Patching Microsoft SharePoint Vulnerability CVE-2023-24955...

5.8CVSS7.1AI score0.85395EPSS
Exploits7
The Hacker News
The Hacker News
added 2024/03/27 1:15 p.m.71 views

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a security flaw impacting the Microsoft Sharepoint Server to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 CVSS score: 7.2,...

9.8CVSS8.3AI score0.99649EPSS
Exploits11
Packet Storm
Packet Storm
added 2024/03/27 12:0 a.m.401 views

Sharepoint Dynamic Proxy Generator Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'securerandom' class MetasploitModule 'Sharepoint Dynamic Proxy Generator Unauth RCE', 'Description' = %q This module exploits two vulnerabilities in Sharepoint...

9.8CVSS7.4AI score0.99649EPSS
Exploits11
0day.today
0day.today
added 2024/03/27 12:0 a.m.471 views

Sharepoint Dynamic Proxy Generator Remote Command Execution Exploit

This Metasploit module exploits two vulnerabilities in Sharepoint 2019 - an authentication bypass as noted in CVE-2023-29357 which was patched in June of 2023 and CVE-2023-24955 which was a remote command execution vulnerability patched in May of 2023. The authentication bypass allows attackers t...

9.8CVSS8.1AI score0.99649EPSS
Exploits11
Metasploit
Metasploit
added 2024/03/26 7:51 p.m.594 views

Sharepoint Dynamic Proxy Generator Unauth RCE

This module exploits two vulnerabilities in Sharepoint 2019, an auth bypass CVE-2023-29357 which was patched in June of 2023 and CVE-2023-24955, an RCE which was patched in May of 2023. The auth bypass allows attackers to impersonate the Sharepoint Admin user. This vulnerability stems from the...

9.8CVSS8.6AI score0.99649EPSS
Exploits11
hivepro
hivepro
added 2024/01/15 12:56 p.m.45 views

Active Exploitation of Two Critical Flaws in Microsoft SharePoint

Summary: Active attacks targeting a critical Microsoft SharePoint Server vulnerability CVE-2023-29357 pose a severe risk, enabling privilege escalation for potential full administrator access. This flaw, coupled with CVE-2023-24955, allows arbitrary code execution. Immediate patching is crucial, ...

7.5CVSS8.3AI score0.99649EPSS
Exploits11
GithubExploit
GithubExploit
added 2023/12/28 9:8 a.m.484 views

Exploit for Code Injection in Microsoft

CVE-2023-24955-PoC Exploit for Microsoft SharePoint 2019 An e...

7.2CVSS8AI score0.85395EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.34 views

Security Updates for Microsoft SharePoint Server 2016 (May 2023)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A Sharepoint Server spoofing vulnerability. CVE-2023-24950 - A Sharepoint Server information disclosure vulnerability. CVE-2023-24950 - A...

7.2CVSS8.5AI score0.85395EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.39 views

Security Updates for Microsoft SharePoint Server 2019 (May 2023)

The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A Sharepoint Server spoofing vulnerability. CVE-2023-24950 - A Sharepoint Server information disclosure vulnerability. CVE-2023-24950 - A...

7.2CVSS8.5AI score0.85395EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2023/05/10 12:0 a.m.37 views

Security Updates for Microsoft SharePoint Server Subscription Edition (May 2023)

The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A Sharepoint Server spoofing vulnerability. CVE-2023-24950 - A Sharepoint Server information disclosure vulnerability...

7.2CVSS8.5AI score0.85395EPSS
Exploits7References4
Circl
Circl
added 2023/05/09 10:44 p.m.12 views

CVE-2023-24955

creationtimestamp| type| source ---|---|--- 2023-05-09 22:44:55+00:00| seen| https://t.me/cibsecurity/63677 2023-05-10 13:00:06+00:00| seen| https://t.me/truesecator/4360 2023-09-30 12:17:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9116 2023-12-15 08:55:17+00:00|...

7.2CVSS6.8AI score0.85395EPSS
Exploits7References31
NVD
NVD
added 2023/05/09 6:15 p.m.31 views

CVE-2023-24955

Microsoft SharePoint Server Remote Code Execution Vulnerability...

7.2CVSS7.5AI score0.85395EPSS
Exploits7References2
Cvelist
Cvelist
added 2023/05/09 5:3 p.m.30 views

CVE-2023-24955 Microsoft SharePoint Server Remote Code Execution Vulnerability

...

7.2CVSS7.3AI score0.85395EPSS
Exploits7References1
CVE
CVE
added 2023/05/09 5:3 p.m.420 views

CVE-2023-24955

CVE-2023-24955 affects Microsoft SharePoint Server and is a remote code execution vulnerability. The CISA/KEV records describe it as a code injection flaw that can be exploited by an authenticated attacker with Site Owner privileges to execute code remotely, indicating attacker-controlled code ex...

7.2CVSS8.6AI score0.85395EPSS
In wildExploits7References2Affected Software2
NCSC
NCSC
added 2023/05/09 12:0 a.m.10 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to carry out attacks that could result in the following categories of damage: Microsoft Teams: |----------------|------|-------------------------------------| | CVE ID | CVSS | Impa...

7.8CVSS6.5AI score0.85395EPSS
Exploits7
Kaspersky
Kaspersky
added 2023/05/09 12:0 a.m.76 views

KLA49155 Multiple vulnerabilities in Microsoft Office

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote...

7.8CVSS9AI score0.85395EPSS
Exploits7References22
ATTACKERKB
ATTACKERKB
added 2023/05/09 12:0 a.m.38 views

CVE-2023-24955

Microsoft SharePoint Server Remote Code Execution Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

7.2CVSS7.9AI score0.85395EPSS
In wildExploits7References2
Rows per page
Query Builder