CVE-2025-33053 - Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability
Project:Web Distributed Authoring and Versioning
Product:Web Distributed Authoring and Versioning (WebDAV)
Date Added:2025-06-10Due Date:2025-07-01
Vulnerability Name
Web Distributed Authoring and Versioning (WebDAV) External Control of File Name or Path Vulnerability
Description
Web Distributed Authoring and Versioning (WebDAV) contains an external control of file name or path vulnerability. This vulnerability could allow an unauthorized attacker to execute code over a network. This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Additional Notes
This vulnerability affects a common open-source project, third-party library, or a protocol used by different products. For more information, please see: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-33053
https://nvd.nist.gov/vuln/detail/CVE-2025-33053
Related News Articles
Microsoft: KB5060533 update triggers boot errors on Surface Hub v1 devicesJune 13, 2025
Windows 11 24H2 emergency update fixes Easy Anti-Cheat BSOD issueJune 12, 2025
Microsoft creates separate Windows 11 24H2 update for incompatible PCsJune 11, 2025
Hackers exploited Windows WebDav zero-day to drop malwareJune 11, 2025
Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the WildJune 11, 2025