| Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. This signature indicates attempt to access a webshell that might be already established post exploitation of the insecure deserialization vulnerability. If on-premises SharePoint Servers is installed in your environment, you may need to check the possible exploitation attempts using guideline available at https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/ |
