Vulnerability Details CVE-2025-59710
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 36.9%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-59710
-
cpe:2.3:a:kovai:biztalk360:*