Microsoft SharePoint Exploit Attempt - CVE-2021-34467

Risk Factors

An authenticated attacker with the ability to upload files to a personal or shared folder on a SharePoint server could upload a web shell and directly run malicious code on the SharePoint server. Running web shells or other code is dependent on which SharePoint mitigations are configured, such as support for running code-blocks.

Kill Chain

Exploitation

Risk Score

Next in Exploitation: Microsoft SharePoint Exploit Attempt - CVE-2023-29357

Attack Background

Microsoft SharePoint has a vulnerability in how it processes incoming HTTP requests without validating URL parameters. An attacker could create an HTTP request with a specially designed URI for a file on a SharePoint server, resulting in remote code execution (RCE).

Mitigation Options

Install patches for relevant versions

Professional Services

Partners

Partner Login

Partner Finder

View All Use Cases

View All Industries

View All Integrations

Attack Background

Mitigation Options

What else can RevealX do for you?

View our Periodic Table of use cases