6.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2025-53771

GHSA ID

EPSS Score

0.32862%

CWE

CWE-287

Published

7/20/2025

Updated

7/22/2025

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-53771

CVE-2025-53771:
Microsoft SharePoint Server Path Traversal Spoofing Vulnerability

A patch bypass vulnerability that circumvents fixes for CVE-2025-49706 from the ToolShell attack chain. Path traversal due to improper pathname limitation in SharePoint Server enables unauthorized network spoofing attacks. While not directly exploited, this vulnerability was part of the chained exploitation alongside the critical RCE (CVE-2025-49704/CVE-2025-53770) to gain unauthorized access to on-premise SharePoint servers.

6.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2025-53771

GHSA ID

EPSS Score

0.32862%

CWE

CWE-287

Published

7/20/2025

Updated

7/22/2025

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

* p*t** *yp*ss vuln*r**ility t**t *ir*umv*nts *ix*s *or *V*-****-***** *rom t** ToolS**ll *tt**k ***in. P*t* tr*v*rs*l *u* to improp*r p*t*n*m* limit*tion in S**r*Point S*rv*r *n**l*s un*ut*oriz** n*twork spoo*in* *tt**ks. W*il* not *ir**tly *xploit*

Reasoning

No *n*lysis *v*il**l*

6.5

Basic Information

Concerned about an active attack path?

CVE-2025-53771: Microsoft SharePoint Server Path Traversal Spoofing Vulnerability

6.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

CVE-2025-53771:
Microsoft SharePoint Server Path Traversal Spoofing Vulnerability

Vulnerability Intelligence
Miggo AI