module
CVE-2025-33053 Exploit via Malicious .URL File and WebDAV
| Disclosed |
|---|
| Jun 11, 2025 |
Disclosed
Jun 11, 2025
Description
This module exploits CVE-2025-33053 by generating a malicious .URL file pointing
to a trusted LOLBAS binary with parameters designed to trigger unintended behavior.
Optionally, a payload is generated and hosted on a specified WebDAV directory.
When the victim opens the shortcut, it will attempt to access the WebDAV path,
potentially resulting in remote code execution via a trusted binary.
to a trusted LOLBAS binary with parameters designed to trigger unintended behavior.
Optionally, a payload is generated and hosted on a specified WebDAV directory.
When the victim opens the shortcut, it will attempt to access the WebDAV path,
potentially resulting in remote code execution via a trusted binary.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.