CVE-2025-66631 HIGH

CVE-2025-66631: CSLA .NET is vulnerable to Remote Code Execution via WcfProxy

Vendor Marimerllc
Product csla
Weakness CWE-502 · Unsafe deserialization
Published December 9, 2025
Last update December 9, 2025

CVSS base score

7.2/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U

What the vulnerability does

01 Description

CSLA .NET is a framework designed for the development of reusable, object-oriented business layers for applications. Versions 5.5.4 and below allow the use of WcfProxy. WcfProxy uses the now-obsolete NetDataContractSerializer (NDCS) and is vulnerable to remote code execution during deserialization. This vulnerability is fixed in version 6.0.0. To work around this issue, remove WcfProxy from data portal configurations.
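To find affected projects, the following added example (not part of the CVE record or the CSLA project) scans a source tree for a CSLA package reference below 6.0.0 and for any remaining `WcfProxy` reference. It assumes the NuGet package id is `Csla`; the sample project and config content, including the `CslaDataPortalProxy` key, are constructed for illustration.

```python
import re
from pathlib import Path

FIXED = (6, 0, 0)  # first fixed version according to the advisory text
# Assumption: NuGet package id "Csla"; covers PackageReference and packages.config.
PKG_RE = re.compile(
    r'<(?:PackageReference\s+Include|package\s+id)="Csla"\s+[Vv]ersion="([^"]+)"')
PROXY_RE = re.compile(r'\bWcfProxy\b')
SCANNED = {".csproj", ".config", ".json", ".cs"}

def parse_version(text):
    """'5.5.4' -> (5, 5, 4); a pre-release suffix is dropped, missing parts are 0."""
    nums = [int(n) for n in re.findall(r'\d+', text.split('-')[0])[:3]]
    return tuple(nums + [0] * (3 - len(nums)))

def scan_text(name, text):
    """Return (file, line, rule, evidence) tuples for one file's content."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = PKG_RE.search(line)
        if m and parse_version(m.group(1)) < FIXED:
            findings.append((name, lineno, "csla-below-6.0.0", m.group(1)))
        if PROXY_RE.search(line):
            findings.append((name, lineno, "wcfproxy-reference", line.strip()))
    return findings

def scan_tree(root):
    """Walk a checkout and scan project, config and C# source files."""
    out = []
    for p in Path(root).rglob("*"):
        if p.is_file() and p.suffix.lower() in SCANNED:
            out += scan_text(str(p), p.read_text(errors="replace"))
    return out

# Constructed sample inputs (not taken from any real project)
SAMPLE_CSPROJ = '''<Project Sdk="Microsoft.NET.Sdk">
  <ItemGroup>
    <PackageReference Include="Csla" Version="5.5.4" />
  </ItemGroup>
</Project>'''
SAMPLE_CONFIG = '''<appSettings>
  <add key="CslaDataPortalProxy" value="Csla.DataPortalClient.WcfProxy, Csla" />
</appSettings>'''

if __name__ == "__main__":
    for f in scan_text("App.csproj", SAMPLE_CSPROJ) + scan_text("App.config", SAMPLE_CONFIG):
        print(f)
```

A `wcfproxy-reference` hit on a project that is still below 6.0.0 is the combination the workaround targets; a version hit alone means the proxy is available but may not be configured.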

Key dates

02 Disclosure timeline

December 9, 2025 CVE published
December 9, 2025 Record updated