DETECTION OVERVIEW
Risk Factors
An authenticated attacker can perform reconnaissance and exploit this vulnerability to view sensitive information. The attacker then leverages this information to gain complete control of a device, providing an entry point for further attacks on your network.
Risk Score
83
Microsoft SharePoint has a vulnerability in the EditingPageParser.VerifyControlOnSafeList method, which allows an attacker to bypass a list of safe controls that prevent users from creating unauthorized SharePoint widgets. To exploit this vulnerability and perform remote code execution (RCE), the attacker first performs reconnaissance to identify a target site on a SharePoint server. Next, the attacker exploits the vulnerable method to upload a malicious WebPart control. A WebPart control enables end-users to modify the content of web pages. The malicious WebPart control exposes validation and encryption keys from a configuration file in a web page. With these keys, the attacker can create a malicious View State. A View State stores object data for a dynamic web page that is deserialized by the server. Finally, the attacker sends an HTTP request with the malicious View State to the SharePoint server, which results in RCE.
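A defender-side check for the key-exposure step described above, added here as an example and not taken from the original page or from any product's detection logic: it scans an HTTP response body for key material rendered into a page. It assumes the configuration file is ASP.NET's web.config and that the keys are the validationKey and decryptionKey attributes of its machineKey element; the function name and sample bodies are constructed for illustration.

```python
import html
import re

# Assumption: the leaked keys are the validationKey / decryptionKey attributes
# of the ASP.NET <machineKey> element in web.config.
ELEMENT_RE = re.compile(r"<machineKey\b[^>]*>", re.IGNORECASE)
# Real key material is a long hex string; "AutoGenerate,IsolateApps" is not.
ATTR_RE = re.compile(
    r"\b(validationKey|decryptionKey)\s*=\s*[\"']([0-9A-Fa-f]{32,})[\"']",
    re.IGNORECASE,
)

def find_machinekey_leak(body: str) -> dict:
    """Return {attribute: redacted value} for key material in a response body."""
    # A page that prints config text usually HTML-escapes it (&lt;machineKey ...),
    # sometimes twice, so unescape until the text stops changing (max 3 rounds).
    text = body
    for _ in range(3):
        decoded = html.unescape(text)
        if decoded == text:
            break
        text = decoded
    found = {}
    for element in ELEMENT_RE.finditer(text):
        for attr, value in ATTR_RE.findall(element.group(0)):
            # Redact: an alert must not become a second copy of the key.
            found[attr.lower()] = f"{value[:4]}... ({len(value)} hex chars)"
    return found

# Constructed sample bodies (not captured traffic; key values are dummies).
VKEY, DKEY = "0123456789ABCDEF" * 4, "FEDCBA9876543210" * 3
LEAK_ESCAPED = (
    "<div class='ms-webpart'>&lt;machineKey validationKey=&quot;" + VKEY
    + "&quot; decryptionKey=&quot;" + DKEY + "&quot; validation=&quot;HMACSHA256&quot; /&gt;</div>"
)
LEAK_DOUBLE = html.escape(LEAK_ESCAPED)
BENIGN_DOC = "<p>Set &lt;machineKey validationKey=&quot;AutoGenerate,IsolateApps&quot; /&gt;</p>"

if __name__ == "__main__":
    for name, body in [("escaped", LEAK_ESCAPED), ("double", LEAK_DOUBLE), ("benign", BENIGN_DOC)]:
        print(name, find_machinekey_leak(body) or "no key material")
```

A hit on a response served by a SharePoint site means the keys should be treated as compromised and rotated, because any View State signed with them will still validate after the page is removed.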