支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2025-59287 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
Windows Server Update Service (WSUS) Remote Code Execution Vulnerability
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.
来源: 美国国家漏洞数据库 NVD
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
可信数据的反序列化
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Microsoft Windows Server 代码问题漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Microsoft Windows Server是美国微软(Microsoft)公司的一套服务器操作系统。 Microsoft Windows Server存在代码问题漏洞,该漏洞源于攻击者利用该漏洞可以远程执行代码。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
MicrosoftWindows Server 2012 6.2.9200.0 ~ 6.2.9200.25728 -
MicrosoftWindows Server 2012 (Server Core installation) 6.2.9200.0 ~ 6.2.9200.25728 -
MicrosoftWindows Server 2012 R2 6.3.9600.0 ~ 6.3.9600.22826 -
MicrosoftWindows Server 2012 R2 (Server Core installation) 6.3.9600.0 ~ 6.3.9600.22826 -
MicrosoftWindows Server 2016 10.0.14393.0 ~ 10.0.14393.8524 -
MicrosoftWindows Server 2016 (Server Core installation) 10.0.14393.0 ~ 10.0.14393.8524 -
MicrosoftWindows Server 2019 10.0.17763.0 ~ 10.0.17763.7922 -
MicrosoftWindows Server 2019 (Server Core installation) 10.0.17763.0 ~ 10.0.17763.7922 -
MicrosoftWindows Server 2022 10.0.20348.0 ~ 10.0.20348.4297 -
MicrosoftWindows Server 2022, 23H2 Edition (Server Core installation) 10.0.25398.0 ~ 10.0.25398.1916 -
MicrosoftWindows Server 2025 10.0.26100.0 ~ 10.0.26100.6905 -
MicrosoftWindows Server 2025 (Server Core installation) 10.0.26100.0 ~ 10.0.26100.6905 -
二、漏洞 CVE-2025-59287 的公开POC
#POC 描述源链接神龙链接
1PoC from hawktracehttps://github.com/keeganparr1/CVE-2025-59287-hawktracePOC详情
2WSUS Unauthenticated RCEhttps://github.com/jiansiting/CVE-2025-59287POC详情
3It is an Working exploit of new CVE found in WSUS.https://github.com/garvitv14/CVE-2025-59287POC详情
4Windows Server Update Service contains an insecure deserialization vulnerability caused by deserialization of untrusted data. An unauthorized attacker with network access can exploit this to execute arbitrary code remotely, potentially leading to full system compromise. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-59287.yamlPOC详情
5PoC for CVE-2025-59287https://github.com/0xBruno/WSUSploit.NETPOC详情
6Defensive PoC decoy for CVE-2025-59287 (WSUS) - emulates WSUS endpoints, captures request bodies and metadata, saves evidence for forensic analysis, and provides validation harness and detection rules.https://github.com/Lupovis/Honeypot-for-CVE-2025-59287-WSUSPOC详情
7CVE-2025-59287https://github.com/FurkanKAYAPINAR/CVE-2025-59287POC详情
8powershell version of hawktrace POC exploithttps://github.com/tecxx/CVE-2025-59287-WSUSPOC详情
9Module PowerShell de réponse à l'incident CVE-2025-59287 — WSUS Remote Code Execution (RCE)https://github.com/RadzaRr/WSUSResponderPOC详情
10Helps defenders find their WSUS configurations in the wake of CVE-2025-59287https://github.com/mubix/Find-WSUSPOC详情
11CVE-2025-59287 is a critical RCE vulnerability in Windows Server Update Services (WSUS) caused by unsafe deserialization of untrusted data. It allows remote attackers to execute arbitrary code without authentication. Urgent patching is advised due to active exploitation.https://github.com/mrk336/Breaking-the-Update-Chain-Inside-CVE-2025-59287-and-the-WSUS-RCE-ThreatPOC详情
12CVE-2025-59287 — Critical unauthenticated RCE in Windows Server Update Services (WSUS) via unsafe deserialization of an AuthorizationCookie, enabling SYSTEM-level compromise and active exploitation; patch or isolate WSUS (ports 8530/8531) immediately.https://github.com/AdityaBhatt3010/CVE-2025-59287-When-your-patch-server-becomes-the-attack-vectorPOC详情
13Guía de respuesta rápida y script de auditoría para CVE-2025-59287 (RCE crítica en WSUS).https://github.com/esteban11121/WSUS-RCE-Mitigation-59287POC详情
14Verificacion de vulnerabilidad en WSUS https://github.com/fsanzmoya/wsus_CVE-2025-59287POC详情
15CVE-2025-59287 注入WolfShell内存马https://github.com/0x7556/CVE-2025-59287POC详情
16This is an exploit script written in C# to aid gaining a reverse shell on targets with Windows Server Update Service(WSUS) CVE-2025-59287. We will deliver a reverse shell payload through encrypted SOAP req.https://github.com/QurtiDev/WSUS-CVE-2025-59287-RCEPOC详情
17WSUS vulnerability PoChttps://github.com/Sid6Effect/CVE-2025-59287POC详情
18Exploitation proof-of-concept for CVE-2025-59287 - a critical vulnerability in the Windows Server Update Service (WSUS) caused by the deserialization of untrusted data. This flaw allows an unauthorized attacker to execute arbitrary code over a network, posing a significant security risk.https://github.com/dexterm300/cve-2025-59287-exploit-pocPOC详情
19WSUS vulnerability PoChttps://github.com/th1n0/CVE-2025-59287POC详情
20Nonehttps://github.com/Twodimensionalitylevelcrossing817/CVE-2025-59287POC详情
21Nonehttps://github.com/Adel-kaka-dz/cve-2025-59287POC详情
22Nonehttps://github.com/17patmaks/CVE-2025-59287-Sigma-RulePOC详情
23CVE-2025-59287https://github.com/gud425/gud425.github.ioPOC详情
24Nonehttps://github.com/LuemmelSec/CVE-2025-59287---WSUS-SCCM-RCEPOC详情
25CVE 2025 59287https://github.com/you-dream-1hall/CVE-2025-59287POC详情
26🔍 Analyze WSUS deserialization behavior to enhance security, generate reports, and identify configuration weaknesses in your infrastructure.https://github.com/salman5230/CVE-2025-59287POC详情
27Nonehttps://github.com/ross-ns/WSUS-CVE-2025-59287POC详情
28CVE 2025 59287https://github.com/vatslaaeytoygag/CVE-2025-59287POC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2025-59287 的情报信息
Please 登录 to view more intelligence information
四、漏洞 CVE-2025-59287 的评论

暂无评论

发表评论