CVE-2018-8284

HIGH

.NET Framework - Remote Code Execution via Improper Input Validation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-8284. PoCs published by quantiti.

AI-analyzed exploit summary The repository contains only a README.md file with a title referencing CVE-2018-8284, a SharePoint RCE vulnerability, but no actual exploit code or technical details are provided.

Description

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

Exploits (1)

nomisec STUB 3 stars

by quantiti · poc

https://github.com/quantiti/CVE-2018-8284-Sharepoint-RCE

View Code ZIP pw:eip

The repository contains only a README.md file with a title referencing CVE-2018-8284, a SharePoint RCE vulnerability, but no actual exploit code or technical details are provided.

Classification

Stub 10%

Attack Type

Rce

Complexity

Theoretical

Reliability

Theoretical

Target: Microsoft SharePoint

No auth needed

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/104667

Patch, Vendor Advisory x_refsource_confirm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8284

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1041257

Scores

CVSS v3 8.1

EPSS 0.2208

EPSS Percentile 95.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-94

Status published

Products (19)

microsoft/.net_framework 2.0 sp2

microsoft/.net_framework 3.0 sp2

microsoft/.net_framework 3.5

microsoft/.net_framework 3.5.1

microsoft/.net_framework 4.5.2

microsoft/.net_framework 4.6

microsoft/.net_framework 4.6.2

microsoft/.net_framework 4.7

microsoft/.net_framework 4.7.1

microsoft/.net_framework 4.7.2

... and 9 more

Published Jul 11, 2018

Tracked Since Feb 18, 2026