Exploit Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability CVE-2020-0618

Name: Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability CVE-2020-0618
Rating: 5 (30 reviews)

2020-09-25 | CVSS 6.5

## https://sploitus.com/exploit?id=SAINT:42A55639AE1F6E2A8BE2071F2F668787
Added: 09/25/2020  
CVE: [CVE-2020-0618](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0618>)  


### Background

[Microsoft SQL Server Reporting Services](<https://docs.microsoft.com/en-us/sql/reporting-services/create-deploy-and-manage-mobile-and-paginated-reports?view=sql-server-ver15>) is a set of tools and services for creating, deploying, and managing mobile and paginated reports. 

### Problem

A deserialization vulnerability in Microsoft SQL Server Reporting Services 2016 allows a remote, authenticated attacker to execute arbitrary commands on the server by sending a POST request with a specially crafted serialized object. 

### Resolution

See [Microsoft Security Advisory CVE-2020-0618](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618>) for fix information. 

### References

<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618>  


### Limitations

This exploit requires valid Microsoft SQL Server Reporting Services credentials. 

### Platforms

Windows