PoC Week 2025-03-17
The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.
For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.
Slow week; just 2 from last year.
CVE-2024-30043
- Severity: 7.5 HIGH
- Impacted Products: Sharepoint Server
- Description: Microsoft SharePoint Server Information Disclosure Vulnerability
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2024-30043
- PoC: https://github.com/W01fh4cker/CVE-2024-30043-XXE/
CVE-2024-4577
- Severity: 9.8 CRITICAL
- Impacted Products: PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages.
- Description: Windows may use “Best-Fit” behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
- Remediation: Follow developer guidance.
- More Info: CVE-2024-4577
- PoC: https://github.com/watchtowrlabs/CVE-2024-4577/
References
This list was scraped from the quite amazing and highly recommended newsletters below:
Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.