CSLA .NET is vulnerable to Remote Code Execution via WcfProxy

7.2 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

Description

CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer (NDCS) and is vulnerable to remote code execution during deserialization. This vulnerability is fixed in version 6.0.0. To workaround this issue, remove the WcfProxy in data portal configurations.

Basic Information

ID CVE-2025-66631

Source GitHub_M

Published Dec 9, 2025 at 03:18

Affected Product

Vendor MarimerLLC

Product csla

Version < 6.0.0

Affected Versions MarimerLLC csla < 6.0.0

CWE Classification

CWE-502

References

{
    "lastseen": "",
    "description": "CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer (NDCS) and is vulnerable to remote code execution during deserialization. This vulnerability is fixed in version 6.0.0. To workaround this issue, remove the WcfProxy in data portal configurations.",
    "published": "2025-12-09T03:18:37.698Z",
    "modified": "2025-12-09T03:18:37.698Z",
    "type": "cve",
    "title": "CSLA .NET is vulnerable to Remote Code Execution via WcfProxy",
    "source": "GitHub_M",
    "references": "https://github.com/MarimerLLC/csla/security/advisories/GHSA-wq34-7f4g-953v\nhttps://github.com/MarimerLLC/csla/issues/4001\nhttps://github.com/MarimerLLC/csla/pull/4018",
    "id": "CVE-2025-66631",
    "bulletinFamily": "",
    "cwe": [
        "CWE-502"
    ],
    "cvelist": null,
    "sourceData": "MarimerLLC csla < 6.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "csla",
    "version": "< 6.0.0",
    "vendor": "MarimerLLC",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

CSLA .NET is vulnerable to Remote Code Execution via WcfProxy_CVE-2025-66631