SharePoint RCE bug resurfaces three months after being patched by Microsoft.
Deserialization vulnerabilities are hard to fix
A security researcher found a fresh way to exploit a recently patched deserialization bug in Microsoft SharePoint and stage remote code execution (RCE) attacks.
The flaw, a variant on an issue that was patched in February, uses the site creation features of SharePoint, Microsoft’s intranet platform, to upload and run malicious files on the server.
Many languages use serialization and deserialization to pass complex objects to servers and between processes. If the deserialization process is insecure, an adversary will be able to exploit it to send malicious objects and run them on the server.
https://portswigger.net/daily-swig/sharepoint-rce-bug-resurfaces-three-months-after-being-patched-by-microsoft
@cRyPtHoN_INFOSEC_IT
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
