2 matches found
CVE-2025-59710
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the...
CVE-2025-59710
CVE-2025-59710 affects BizTalk360 prior to v11.5. The root cause is improper access control that allows any user to request loading a DLL; during loading, a method is invoked and a malicious DLL uploaded by an attacker can lead to remote code execution on the server. The vulnerability is referenc...