The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.

For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.

Slow week; just 2 from last year.

CVE-2024-30043

• Severity: 7.5 HIGH
• Impacted Products: Sharepoint Server
• Description: Microsoft SharePoint Server Information Disclosure Vulnerability
• Remediation: Follow developer advice.
• More Info: NVD - CVE-2024-30043
• PoC: https://github.com/W01fh4cker/CVE-2024-30043-XXE/

CVE-2024-4577

• Severity: 9.8 CRITICAL
• Impacted Products: PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages.
• Description: Windows may use “Best-Fit” behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
• Remediation: Follow developer guidance.
• More Info: CVE-2024-4577
• PoC: https://github.com/watchtowrlabs/CVE-2024-4577/

References

This list was scraped from the quite amazing and highly recommended newsletters below:

• ~this week in security~
• Unsupervised Learning
• @RISK
• Hive Five
• Vulnerable U
• tl;dr sec

Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.