SharePoint RCE via specially crafted SharePoint application package — exploited by APT groups for initial access to corporate intranets. Apply February 2019 patches and restrict SharePoint package deployment to admin accounts only.
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →