CVE-2025-66631 in MarimerLLC cslainfo

Zusammenfassung (Englisch)

CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer (NDCS) and is vulnerable to remote code execution during deserialization. This vulnerability is fixed in version 6.0.0. To workaround this issue, remove the WcfProxy in data portal configurations.

Zuständig

GitHub_M

Reservieren

05.12.2025

Veröffentlichung

09.12.2025

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
334939	MarimerLLC csla NetDataContractSerializer erweiterte Rechte	502	Nicht definiert	Offizieller Fix	CVE-2025-66631

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!