Microsoft SharePoint Server CreateChildControls Server Side Include Vulnerability Exploit (CVE-2020-16952)

This module exploits a server side include vulnerability present in CreateChildControls of Microsoft.SharePoint.WebPartPages.DataFormWebPart class of Microsoft SharePoint Server to deploy an agent. The deployed agent will run with the SharePoint Server service account privileges.
CVE Link
CVE-2020-16952
Exploit Platform
Windows
Exploit Type
Exploits
OS Command Injection
Known Vulnerabilities
Product Name
Impact