CVE-2023-29375
📋 TL;DR
This vulnerability allows an attacker to upload files of dangerous types through the SharePoint connector in Progress Sitefinity CMS. Any Sitefinity installation running an unpatched version is affected; if an uploaded file lands where IIS/ASP.NET will execute it, the result is remote code execution and full compromise of the web server.
💻 Affected Systems
- Progress Sitefinity CMS
📦 What is this software?
Sitefinity by Progress
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete system compromise, data theft, or ransomware deployment.
Likely Case
Malicious file upload leading to web shell installation and persistent backdoor access.
If Mitigated
File upload attempts blocked or logged with no successful exploitation.
🎯 Exploit Status
Exploitation requires the ability to reach the SharePoint connector's upload functionality; no separate authentication bypass is involved. Treat every account or integration that can drive the connector as in scope.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Sitefinity 13.3.7647, 14.0.7736, 14.1.7826, 14.2.7930, or 14.3.8025
Vendor Advisory: https://community.progress.com/s/article/Sitefinity-Security-Advisory-for-Addressing-Security-Vulnerabilities-April-2023
Restart Required: Yes
Instructions:
1. Download the appropriate patch from the Progress support portal.
2. Back up your Sitefinity installation (site files and database).
3. Apply the patch according to the Progress documentation.
4. Restart the application server.
5. Verify the patch was applied by confirming the running version is one of the patched builds listed above.
🔧 Temporary Workarounds
Disable SharePoint Connector
Temporarily disable the SharePoint connector if it is not essential.
Navigate to Administration > Modules & Services > SharePoint Connector > Disable
Restrict File Upload Types
Configure the SharePoint connector to accept only an allow-list of safe file types.
Modify the SharePoint connector configuration to restrict allowed file extensions. Deny anything IIS or ASP.NET will execute (.aspx, .ashx, .asmx, .asax, .config, .dll, .exe), and treat this as a stopgap only: extension filtering reduces exposure but does not remove the vulnerability.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate SharePoint connector traffic
- Deploy web application firewall with file upload protection rules
🔍 How to Verify
Check if Vulnerable:
Check the Sitefinity version in Administration > About (or Version & Licensing) and compare it against the patched builds listed above; any build in a listed branch that is lower than that branch's patch build is vulnerable.
Check Version:
Read the version from the backend web interface, or check the file version of Telerik.Sitefinity.dll in the site's bin directory (for example with PowerShell: (Get-Item .\bin\Telerik.Sitefinity.dll).VersionInfo.ProductVersion).
Verify Fix Applied:
Confirm the version reported after the update is equal to or higher than the patched build for your branch, and that the application has been restarted.
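The version comparison above is easy to get wrong by hand because each release branch (13.3, 14.0, ...) has its own patch build number. The following is an added example, not Progress code: it takes a version string such as the ProductVersion of Telerik.Sitefinity.dll and reports whether that build is at or above the patched build for its branch. The patch builds are the ones listed on this page; the page gives no lower bound for affected builds, so every lower build in a listed branch is reported as vulnerable, and branches not on the list are reported as unknown rather than guessed.

```python
"""Compare an installed Sitefinity version against the patched builds for CVE-2023-29375.

Added example; not part of Sitefinity or the vendor advisory. Input is a
version string of the form Major.Minor.Build[.Revision], as shown in the
backend or as the ProductVersion of Telerik.Sitefinity.dll.
"""
from typing import NamedTuple, Optional, Tuple

# Patched builds per branch, as listed in the April 2023 advisory section above.
PATCHED_BUILDS = {
    (13, 3): 7647,
    (14, 0): 7736,
    (14, 1): 7826,
    (14, 2): 7930,
    (14, 3): 8025,
}


class VersionStatus(NamedTuple):
    version: str
    status: str               # "patched", "vulnerable" or "unknown"
    required: Optional[str]   # minimum safe build for this branch, if known


def parse_version(text: str) -> Tuple[int, int, int]:
    """Return (major, minor, build) from 'Major.Minor.Build[.Revision]'."""
    parts = text.strip().split(".")
    if len(parts) < 3 or not all(p.isdigit() for p in parts[:3]):
        raise ValueError(f"unrecognised Sitefinity version string: {text!r}")
    return int(parts[0]), int(parts[1]), int(parts[2])


def check_version(text: str) -> VersionStatus:
    major, minor, build = parse_version(text)
    branch = (major, minor)
    patched = PATCHED_BUILDS.get(branch)
    if patched is None:
        # Branch not covered by the advisory list on this page: do not guess,
        # send the operator back to the vendor advisory.
        return VersionStatus(text.strip(), "unknown", None)
    required = f"{major}.{minor}.{patched}"
    if build >= patched:
        return VersionStatus(text.strip(), "patched", required)
    return VersionStatus(text.strip(), "vulnerable", required)


if __name__ == "__main__":
    # Constructed sample inputs; replace with the version read from your instance.
    for sample in ("14.2.7900.0", "14.2.7930.0", "13.3.7647", "13.2.7400"):
        result = check_version(sample)
        print(f"{result.version:<14} {result.status:<11} required >= {result.required}")
```

Run it with the version from Administration > About, or feed it the DLL product version collected from each web front end so that a farm with mixed builds is caught.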
📡 Detection & Monitoring
Log Indicators:
- Unusual file uploads through the SharePoint connector (new users, service accounts, off-hours bursts)
- Uploaded files with server-executable extensions (.aspx, .ashx, .asmx, .asax, .config, .dll, .exe), including names that hide them behind a second extension or a trailing dot
Network Indicators:
- HTTP POST requests to SharePoint connector endpoints with unusual file extensions
SIEM Query:
source="sitefinity_logs" AND (event="file_upload" OR event="sharepoint_upload") AND file_extension IN ("aspx", "php", "exe", "dll")
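The SIEM query above matches on a file_extension field, which misses uploads whose names carry the executable extension in a non-obvious place ("cmd.ASPX.", "notes.ashx.txt") and omits several extensions ASP.NET will also hand to a handler. The following is an added example, not part of the page or of Sitefinity: the same detection logic run over constructed key=value application log lines (the field names event, user and filename, and the event values file_upload and sharepoint_upload, are taken from the query above and are assumptions about how the logs are shaped).

```python
"""Flag upload events whose file name carries a server-executable extension.

Added example; the log format and field names are assumptions that mirror the
SIEM query on this page, not the real Sitefinity log schema.
"""
import re
from typing import Dict, List

# Extensions IIS/ASP.NET will route to a server-side handler. The SIEM query
# lists aspx/php/exe/dll; the rest are added because they execute server-side too.
HANDLER_EXTENSIONS = {
    "aspx", "asax", "ascx", "ashx", "asmx", "asp", "svc", "soap",
    "cshtml", "vbhtml", "config", "php", "exe", "dll",
}

UPLOAD_EVENTS = {"file_upload", "sharepoint_upload"}

# key=value or key="quoted value" pairs
KV_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')


def parse_kv(line: str) -> Dict[str, str]:
    fields: Dict[str, str] = {}
    for match in KV_RE.finditer(line):
        key, raw, quoted = match.group(1), match.group(2), match.group(3)
        fields[key] = quoted if quoted is not None else raw
    return fields


def risky_extensions(filename: str) -> set:
    """Return every handler extension present anywhere after the first dot.

    Case is normalised and trailing dots/spaces are stripped, because Windows
    drops those on save, so 'cmd.ASPX.' becomes cmd.aspx on disk. Double
    extensions such as 'notes.ashx.txt' are reported too: they do not execute
    on their own but are a classic evasion attempt worth reviewing.
    """
    name = filename.lower().rstrip(". ")
    parts = name.split(".")[1:]
    return {p for p in parts if p in HANDLER_EXTENSIONS}


def find_suspicious(lines: List[str]) -> List[Dict[str, object]]:
    hits = []
    for line in lines:
        fields = parse_kv(line)
        if fields.get("event") not in UPLOAD_EVENTS:
            continue
        exts = risky_extensions(fields.get("filename", ""))
        if exts:
            hits.append({
                "timestamp": fields.get("timestamp"),
                "user": fields.get("user"),
                "filename": fields.get("filename"),
                "extensions": sorted(exts),
            })
    return hits


# Constructed sample log; not real Sitefinity output.
SAMPLE_LOG = """\
timestamp=2023-04-20T10:01:02Z event=sharepoint_upload user=jsmith filename="Q1 report.pdf" size=18233
timestamp=2023-04-20T10:05:44Z event=sharepoint_upload user=svc_sync filename="cmd.ASPX." size=1120
timestamp=2023-04-20T10:06:10Z event=page_view user=jsmith path=/home
timestamp=2023-04-20T10:07:31Z event=file_upload user=svc_sync filename="web.config" size=2044
timestamp=2023-04-20T10:09:00Z event=sharepoint_upload user=mlee filename="logo.png" size=5400
timestamp=2023-04-20T10:11:12Z event=file_upload user=svc_sync filename="notes.ashx.txt" size=990
"""

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG.splitlines()):
        print(hit)
```

On the sample above, the three svc_sync uploads are flagged while the PDF and PNG are not. Extension matching remains a heuristic: pair it with the version check and, where the connector is still enabled, with a periodic listing of new files under the web root.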
🔗 References
- https://community.progress.com/s/article/Sitefinity-Security-Advisory-for-Addressing-Security-Vulnerabilities-April-2023
- https://www.progress.com/sitefinity-cms