CVE-2019-0604

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package,...

Basic Information

CVE State: PUBLISHED
Reserved Date: November 26, 2018
Published Date: March 06, 2019
Last Updated: February 07, 2025
Vendor: Microsoft
Product: Microsoft SharePoint Server, Microsoft SharePoint Foundation, Microsoft SharePoint Enterprise Server
Description: A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.

CVSS Scores

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2021-11-03 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2019-09-15 20:06:54 UTC) Source
Used in Malware: Yes (added 2021-11-03 00:00:00 UTC) Source

References

http://www.securityfocus.com/bid/106914 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0604

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-11-03 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

boxhg/CVE-2019-0604

Type: github • Created: 2019-12-10 02:39:57 UTC • Stars: 30

详解 k8gege的SharePoint RCE exploit cve-2019-0604-exp.py的代码，动手制作自己的payload

m5050/CVE-2019-0604

Type: github • Created: 2019-09-15 20:06:54 UTC • Stars: 3

CVE-2019-0604: SharePoint RCE detection rules and sample PCAP

k8gege/CVE-2019-0604

Type: github • Created: 2019-06-26 15:00:29 UTC • Stars: 100

cve-2019-0604 SharePoint RCE exploit

likekabin/CVE-2019-0604_sharepoint_CVE

Type: github • Created: 2019-04-04 03:17:30 UTC • Stars: 1

linhlhq/CVE-2019-0604

Type: github • Created: 2019-03-23 05:01:54 UTC • Stars: 134

CVE-2019-0604