Описание
External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.
External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-33053
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33053
- https://research.checkpoint.com/2025/stealth-falcon-zero-day
- https://therecord.media/microsoft-cisa-zero-day-turkish-defense-org
- https://www.bleepingcomputer.com/news/security/stealth-falcon-hackers-exploited-windows-webdav-zero-day-to-drop-malware
- https://www.darkreading.com/vulnerabilities-threats/stealth-falcon-apt-exploits-microsoft-rce-zero-day-mideast
- https://www.theregister.com/2025/06/10/microsoft_patch_tuesday_june
Связанные уязвимости
CVSS3: 8.8
nvd
8 дней назад
External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network.
CVSS3: 8.8
msrc
9 дней назад
Web Distributed Authoring and Versioning (WEBDAV) Remote Code Execution Vulnerability
CVSS3: 8.8
fstec
9 дней назад
Уязвимость реализации протокола WebDAV операционных систем Windows, позволяющая нарушителю выполнить произвольный код