### [CVE-2020-1147](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1147)
![](https://img.shields.io/static/v1?label=Product&message=.NET%20Core&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%202.0&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.0&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.6%2F4.6.1%2F4.6.2%20on%20Windows%2010%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.6%2F4.6.1%2F4.6.2%20on%20Windows%2010%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.6.2%2F4.7%2F4.7.1%2F4.7.2%20on%20Windows%2010%20Version%201607%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.6.2%2F4.7%2F4.7.1%2F4.7.2%20on%20Windows%2010%20Version%201607%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.6.2%2F4.7%2F4.7.1%2F4.7.2%20on%20Windows%20Server%202016%20%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.6.2%2F4.7%2F4.7.1%2F4.7.2%20on%20Windows%20Server%202016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.1%2F4.7.2%20on%20Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.1%2F4.7.2%20on%20Windows%2010%20Version%201709%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.1%2F4.7.2%20on%20Windows%2010%20Version%201709%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%2010%20Version%201803%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%2010%20Version%201803%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%2010%20Version%201803%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%2010%20Version%201809%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%2010%20Version%201809%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%2010%20Version%201809%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%20Server%202019%20%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2%20on%20Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%201809%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%201809%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%201903%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%201903%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%201903%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%201909%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%201909%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%201909%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%202004%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%202004%20for%20ARM64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%2010%20Version%202004%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%20Server%202019%20%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%20Server%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%20Server%2C%20version%201903%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%20Server%2C%20version%201909%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8%20on%20Windows%20Server%2C%20version%202004%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5.1&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.5.2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.6%2F4.6.1%2F4.6.2%2F4.7%2F4.7.1%2F4.7.2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.6&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%2010%20Version%201607%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%2010%20Version%201607%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%2010%20Version%201709%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%2010%20Version%201709%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%2010%20Version%201803%20for%2032-bit%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%2010%20Version%201803%20for%20x64-based%20Systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%207%20for%2032-bit%20Systems%20Service%20Pack%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%207%20for%20x64-based%20Systems%20Service%20Pack%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%208.1%20for%2032-bit%20systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%208.1%20for%20x64-based%20systems&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20RT%208.1&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%202008%20R2%20for%20x64-based%20Systems%20Service%20Pack%201%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%202008%20R2%20for%20x64-based%20Systems%20Service%20Pack%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%202012%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%202012%20R2%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%202012%20R2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%202012&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%202016%20%20(Server%20Core%20installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%202016&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8%20on%20Windows%20Server%2C%20version%201803%20%20(Server%20Core%20Installation)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Enterprise%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202017%20version%2015.9%20(includes%2015.0%20-%2015.8)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019%20version%2016.4%20(includes%2016.0%20-%2016.3)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019%20version%2016.6%20(includes%2016.0%20-%2016.5)&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Visual%20Studio%202019&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)
### Description
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.
### POC
#### Reference
- http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html
- http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html
#### GitHub
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/H0j3n/EzpzSharepoint
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/SohelParashar/.Net-Deserialization-Cheat-Sheet
- https://github.com/amcai/myscan
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/hktalent/ysoserial.net
- https://github.com/merlinepedra/nuclei-templates
- https://github.com/merlinepedra25/nuclei-templates
- https://github.com/michael101096/cs2020_msels
- https://github.com/puckiestyle/ysoserial.net
- https://github.com/pwntester/ysoserial.net
- https://github.com/sobinge/nuclei-templates