All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

WAF - WAF Release - 2025-07-21 - Emergency

11mo ago

Source

CloudflareWAF - WAF Release - 2025-07-21 - Emergencycloudflare.com
Snippet from the RSS feed
This week's update highlights several high-impact vulnerabilities affecting Microsoft SharePoint Server. These flaws, involving unsafe deserialization, allow unauthenticated remote code execution over the network, posing a critical threat to enterprise environments relying on SharePoint for collaboration and document management. Key Findings Microsoft SharePoint Server (CVE-2025-53770): A critical vulnerability involving unsafe deserialization of untrusted data, enabling unauthenticated remote code execution over the network. This flaw allows attackers to execute arbitrary code on vulnerable SharePoint servers without user interaction. Microsoft SharePoint Server (CVE-2025-53771): A closely related deserialization issue that can be exploited by unauthenticated attackers, potentially leading to full system compromise. The vulnerability highlights continued risks around insecure serialization logic in enterprise collaboration platforms. Impact Together, these vulnerabilities significantly weaken the security posture of on-premise Microsoft SharePoint Server deployments. By enabling remote code execution without authentication, they open the door for attackers to gain persistent access, deploy malware, and move laterally across enterprise environments. Ruleset Rule ID Legacy Rule ID Description Previous Action New Action Comments Cloudflare Managed Ruleset 34dac2b38b904163bc587cc32168f6f0 100817 Microsoft SharePoint - Deserialization - CVE:CVE-2025-53770 N/A Block This is a New Detection Cloudflare Managed Ruleset d21f327516a145bc9d1b05678de656c4 100818 Microsoft SharePoint - Deserialization - CVE:CVE-2025-53771 N/A Block This is a New Detection For more details, also refer to our blog .

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.