Microsoft has confirmed a newly disclosed remote code execution (RCE) vulnerability in its IIS Web Deploy toolchain, tracked as CVE-2025-53772. The flaw resides in the unsafe deserialization logic of the msdeployagentservice and msdeploy.axd endpoints, allowing authenticated attackers to execute arbitrary code on vulnerable web servers. As enterprises worldwide rely on Web Deploy for automated deployments, […] The post Public PoC Released for IIS WebDeploy RCE Vulnerability appeared first o...
