CVE-2025-52914 PoC — Mitel MiCollab SQL注入漏洞

Source

https://github.com/rxerium/CVE-2025-52914

Associated Vulnerability

Title:Mitel MiCollab SQL注入漏洞 (CVE-2025-52914)
Description:Mitel MiCollab是加拿大敏迪（Mitel）公司的一款为员工提供语音、视频、消息、音频会议和团队协作的移动应用程序。 Mitel MiCollab 10.0.1.101及之前版本存在SQL注入漏洞，该漏洞源于Suite Applications Services组件输入验证不足，可能导致SQL注入攻击。

Description

Detection for CVE-2025-52914

Readme

# CVE-2025-52914

## How does this detection method work?

Versions are extracted from target hosts, specifically the `SVR_VER` html response in the body, and then matches on versions prior to 9.3.1 and versions from 10.0.26 to 10.1.101 (inclusive).

## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com -t template.yaml` 

## References

- https://nvd.nist.gov/vuln/detail/CVE-2025-52914
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0008


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

## Contact

Feel free to reach out to me on [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw) if you have any questions.

File Snapshot


 [4.0K]  /data/pocs/2f148b0c95efdf77129cf12e1999488d0b50270e
├── [ 974]  README.md
└── [1.1K]  template.yaml

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!