PT-2025-28469 · Microsoft · Asp.Net Core
Zahid Tokat
·
Publicado
2025-07-08
·
Atualizado
2025-07-22
·
CVE-2025-7326
CVSS v3.1
7.0
Alta
| Vetor | AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
Name of the Vulnerable Software and Affected Versions:
ASP.NET Core (affected versions not specified)
Description:
The issue concerns weak authentication in End Of Life (EOL) ASP.NET Core, allowing an unauthorized attacker to elevate privileges over a network. It affects only EOL software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Asp.Net Core