Microsoft Sharepoint - Authentication Bypass & Remote Code Execution CVE-2025-53771CVE-2025-49704

Name: Microsoft Sharepoint - Authentication Bypass & Remote Code Execution (CVE-2025-53771, CVE-2025-49704)
Published: 2025-09-09T00:00:00.000Z

Severity
EPSS Score
EPSS Percentile

Vulnerability description: Not available
Risk description: Not available
Exploit capabilities: Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
Recommendation: Not available
References: https://nvd.nist.gov/vuln/detail/CVE-2025-53771 https://nvd.nist.gov/vuln/detail/CVE-2025-49704
Codename: Not available

Detectable with: Network Scanner
Scan engine: Sniper
Cisa Kev: Yes
Exploitable with Sniper: Yes
CVE Published: Jul 8, 2025
Detection added at: Sep 9, 2025
Software Type: Collaboration software
Vendor: Microsoft
Product: Sharepoint

Detect this vulnerability now!

Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.

Try the Free Edition Compare paid plans

Microsoft Sharepoint - Authentication Bypass & Remote Code Execution CVE-2025-53771CVE-2025-49704

Detect this vulnerability now!

One of EMEA's fastest-growing tech companies.

48,000+ security folks are here. Are you?

More than demos - real faces, real insight.

Security leaders trust what they can prove