Metasploit Module Released to Exploit SharePoint 0-Day Vulnerabilities
gbhackers
Security researchers have released a Metasploit exploitation module targeting critical zero-day vulnerabilities in Microsoft SharePoint Server, marking a significant escalation in the threat landscape for enterprise collaboration platforms.
The module exploits a chain of unauthenticated remote code execution flaws identified as CVE-2025-53770 and CVE-2025-53771, which were found to be under active exploitation in the wild as early as July 19, 2025.
Technical Details and Exploitation Chain
The newly released Metasploit module, developed by security researcher sfewer-r7 at Rapid7, demonstrates how attackers can achieve complete system compromise through SharePoint’s ToolPane component without requiring authentication.
| CVE ID | Description | CVSS Score | Affected Components |
|---|---|---|---|
| CVE-2025-53770 | SharePoint Server ToolPane Unauthenticated RCE | TBD | SharePoint Server 2019, 2022 |
| CVE-2025-53771 | SharePoint Server ToolPane Authentication Bypass | TBD | SharePoint Server 2019, 2022 |
| CVE-2025-49704 | Original SharePoint Vulnerability (Patched) | TBD | SharePoint Server (Multiple Versions) |
| CVE-2025-49706 | Original SharePoint Vulnerability (Patched) | TBD | SharePoint Server (Multiple Versions) |
The vulnerabilities represent sophisticated patch bypasses for two previously ...
Copyright of this story solely belongs to gbhackers.