writeups.xyz / New Wine in Old Bottle - Microsoft Sharepoint Post-Auth Deserialization RCE (CVE-2022-29108)

Submitter : c2a

Date: 12 May 2022

Bounty : undisclosed

Vulnerabilities :

• Insecure Deserialization
• RCE

Programs :

• Microsoft

Authors :

• Nguyễn Tiến Giang (@Testanull)

Link :
https://www.starlabs.sg/blog/2022/05-new-wine-in-old-bottle-microsoft-sharepoint-post-auth-deserialization-rce-cve-2022-29108/