https://hexpysya.github.io/tags/cve-2025-53770/Recent content in CVE-2025-53770 on bubka hacks stuffHugo -- gohugo.ioen-usSun, 22 Mar 2026 00:00:00 +0000https://hexpysya.github.io/blue_team/ld-cve202553770-sharepoint-toolshell-auth-bypass-and-rce/Sun, 22 Mar 2026 00:00:00 +0000https://hexpysya.github.io/blue_team/ld-cve202553770-sharepoint-toolshell-auth-bypass-and-rce/An attacker exploited CVE-2025-53770 against a SharePoint server, achieving unauthenticated RCE via .NET deserialization. The attacker extracted the MachineKey, compiled and dropped a payload, planted a webshell in the SharePoint layouts directory, and established a reverse connection to the attacker-controlled server.