top of page
perceptive_background_267k.jpg

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

Published:

10 december 2025 om 19:21:00

Alert date:

10 december 2025 om 20:01:07

Source:

thehackernews.com

Click to open the original link from this advisory

WatchTowr Labs discovered SOAPwn, an invalid cast vulnerability in the .NET Framework that enables remote code execution through rogue WSDL files. The vulnerability affects multiple enterprise applications including Barracuda Service Center RMM, Ivanti Endpoint Manager (EPM), and Umbraco 8. Attackers can exploit this flaw to achieve file writes and execute arbitrary code remotely. The research suggests many more vendors may be affected beyond those initially identified. This represents a significant threat to enterprise environments using .NET Framework applications.

Technical details

Mitigation steps:

Affected products:

.NET Framework
Barracuda Service Center RMM
Ivanti Endpoint Manager
Umbraco 8

Related links:

https://thehackernews.com/2025/12/net-soapwn-flaw-opens-door-for-file.html

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page