Viettel Cyber Security

4 exploits Active since Jul 2025
CVE-2025-53771 METASPLOIT MEDIUM ruby WORKING POC
Microsoft SharePoint Server ToolPane Unauthenticated Remote Code Execution (aka ToolShell)
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVSS 6.5
CVE-2025-53770 METASPLOIT CRITICAL ruby WORKING POC
Microsoft SharePoint Server - Code Injection
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnerability. In the meantime, please make sure that the mitigation provided in this CVE documentation is in place so that you are protected from exploitation.
CVSS 9.8
CVE-2025-49704 METASPLOIT HIGH ruby WORKING POC
Microsoft SharePoint Server - Remote Code Execution
Improper control of generation of code ('code injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS 8.8
CVE-2025-49706 METASPLOIT MEDIUM ruby WORKING POC
Microsoft SharePoint Enterprise Server - Improper Authentication
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
CVSS 6.5