Post Av0IdRCvQvxeugR36u by sawaba@infosec.exchange
 (DIR) More posts by sawaba@infosec.exchange
 (DIR) Post #Av0IdPwE9X0gybcCRc by todb@infosec.exchange
       2025-06-10T20:45:08Z
       
       0 likes, 0 repeats
       
       So here's a dumb question. Does CVE-2025-33053 actually affect Apache #mod_dav after all?#CISA #KEV seems to be implying this: "This vulnerability could affect various products that implement WebDAV, including but not limited to Microsoft Windows."Like, is it a protocol bug, or a product bug? The CVE only lists Microsoft products as affected.
       
 (DIR) Post #Av0IdRCvQvxeugR36u by sawaba@infosec.exchange
       2025-06-10T22:58:06Z
       
       0 likes, 1 repeats
       
       @todb not at all - it appears to be a bug in how Windows handles WebDAV links within internet shortcut files (.URL files in Windows)allows attackers to execute binary EXEs over an external link, hosted by the attacker's malicious webdav serverMy analysis is based on reading the report here: https://research.checkpoint.com/2025/stealth-falcon-zero-day/
       
 (DIR) Post #Av0IdWu0GCOGZjd1Rw by sawaba@infosec.exchange
       2025-06-10T22:59:41Z
       
       0 likes, 0 repeats
       
       @todb seems like the kind of attack vector that should have been sussed out YEARS ago, like malicious autorun.inf files 🤦‍♂️