CVE-2025-53771
MEDIUM EXPLOITED RANSOMWARE NUCLEIMicrosoft SharePoint Server ToolPane Unauthenticated Remote Code Execution (aka ToolShell)
Title source: metasploitDescription
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
Nuclei Templates (1)
Microsoft SharePoint Server - Authentication Bypass (ToolShell)
MEDIUMVERIFIEDby _l0gg,SamIntruder,sfewer-r7,iamnoooob,pdresearch
Shodan:
http.component:"sharepoint"
Scores
CVSS v3
6.5
EPSS
0.4783
EPSS Percentile
97.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Details
VulnCheck KEV
2025-07-18
Ransomware Use
Confirmed
CWE
CWE-287
Status
published
Products (3)
microsoft/sharepoint_server
2016
microsoft/sharepoint_server
2019
microsoft/sharepoint_server
< 16.0.18526.20508
Published
Jul 20, 2025
Tracked Since
Feb 18, 2026