CVE-2025-33053

This repository provides scripts to deploy a WebDAV server and generate malicious `.url` shortcut files for phishing or lateral movement. The PoC leverages CVE-2025-33053 to trick victims into connecting to a malicious WebDAV server.

This PoC exploits CVE-2025-33053 by leveraging a .url file to redirect Windows clients to a malicious WebDAV server, where a fake 'route.exe' binary is executed via DLL hijacking when 'iediagcmd.exe' is launched. The setup script automates the creation of a WebDAV server to host the malicious payload.

This repository contains a proof-of-concept exploit for CVE-2025-33053, demonstrating how a malicious `.url` file can be used to execute arbitrary code via WebDAV. The PoC includes a decoy PDF and simulates C2 behavior without actual malicious payloads.

This repository contains a legitimate PoC and checker for CVE-2025-33053, a WebDAV-based RCE vulnerability in Windows systems. The PoC simulates a WebDAV server to detect PROPFIND requests, while the checker verifies system vulnerability via WebClient service and UNC path handling.

This repository contains a proof-of-concept exploit for CVE-2025-33053, demonstrating how a malicious `.url` file can be used to execute arbitrary code via WebDAV. The PoC includes a decoy PDF and simulates C2 behavior without actual malicious payloads.

This Metasploit module exploits CVE-2025-33053 by generating a malicious .URL file that triggers unintended behavior via a trusted LOLBAS binary, optionally hosting a payload on a WebDAV directory for remote code execution.