Related vulnerability
Description
CVE-2025-53770 – Vulnerability Research & Exploitation
Introduction
# CVE-2025-53770 – Vulnerability Research & Exploitation
This repository contains research, detection tools, and exploitation methods for **CVE-2025-53770**, a critical security vulnerability disclosed in 2025. The goal of this project is to provide a comprehensive technical resource for understanding and demonstrating the vulnerability in a controlled and ethical manner.
> ⚠️ **Legal Disclaimer**: This repository is intended for **educational and authorized security testing** only. Unauthorized access or testing of systems is illegal. Use responsibly.
---
## 📖 About CVE-2025-53770
**CVE-2025-53770** is a critical vulnerability in **Microsoft SharePoint Server (on-premises)** caused by the **deserialization of untrusted data**. It allows **unauthorized, remote attackers** to execute arbitrary code over the network **without authentication**. This vulnerability has been **actively exploited in the wild**.
- **Type**: Deserialization of Untrusted Data
- **Impact**: Remote Code Execution (RCE)
- **Attack Vector**: Network (Remote)
- **Authentication Required**: None
- **User Interaction Required**: None
- **Affected Product**: Microsoft SharePoint Server (on-premises)
- **Exploitation Status**: Known exploit exists in the wild
- **Patch Status**: Microsoft is preparing a comprehensive update; temporary mitigations are available and **should be applied immediately**
#### 🔐 CVSS v3.1 Base Score
- **Score**: 9.8 (**Critical**)
- **Vector**: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
---
## 📁 Repository Structure
### 🔍 [Scan](./Scan)
Contains tools and scripts to **detect the presence** of CVE-2025-53770 in vulnerable systems.
### 💥 [Exploit](./Exploit)
Includes **proof-of-concept (PoC) code** to demonstrate how CVE-2025-53770 can be exploited under specific conditions.
---
## 🙌 Credits
* https://github.com/soltanali0/CVE-2025-53770-Exploit
* https://github.com/ZephrFish/CVE-2025-53770-Scanner
File snapshot
```
[4.0K] /data/pocs/d6043fa75b2475cbe76590a27e53a8856fade539
├── [4.0K] Exploit
│   ├── [4.5K] exploit.py
│   ├── [3.2K] README.md
│   └── [ 112] requirements.txt
├── [2.0K] README.md
└── [4.0K] Scanner
    ├── [4.7K] config.json
    ├── [ 16K] README.md
    ├── [  53] requirements.txt
    └── [ 42K] scanner.py

2 directories, 8 files
```