CVE-2025-23120

Exploit for Veeam backup and Replication Deserialization CVE-2025-23120

Check out the blog post from WatchTowr for technical details. All credits goes to them, I simply applied the bypass they described.

The attack can lead to remote command execution in case the Veeam server is the same domain as the attacker machine. In that case an authenticated attacker may exploit the vulnerability and gain SYSTEM access to the server.

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
CVE-2024-40711-poc		CVE-2024-40711-poc
ExploitRemotingService-master		ExploitRemotingService-master
2025-23120.png		2025-23120.png
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

CVE-2025-23120

PoC in Action

About

Uh oh!

Releases

Packages

Languages

Sparrrgh/CVE-2025-23120

Folders and files

Latest commit

History

Repository files navigation

CVE-2025-23120

PoC in Action

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages