EUVD-2025-209206

CVE-2025-59711 | HIGH
2026-04-03 | mitre | GHSA-q6cm-wqcq-7q3c
CVSS 3.1 base score: 8.3

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: Low

Lifecycle Timeline (3 events)

Analysis Generated: Apr 03, 2026 - 15:00 (vuln.today)
EUVD ID Assigned: Apr 03, 2026 - 15:00 (euvd), EUVD-2025-209206
CVE Published: Apr 03, 2026 - 00:00 (nvd)

Description

An issue was discovered in Biztalk360 before 11.5. Because of mishandling of user-provided input in an upload mechanism, an authenticated attacker is able to write files outside of the destination directory and/or coerce an authentication from the service, aka Directory Traversal.

Analysis

Directory traversal in BizTalk360 before version 11.5 lets an authenticated attacker write uploaded files outside the intended upload directory and, per the CVE description, also coerce an authentication from the service; both outcomes stem from the upload mechanism accepting user-controlled path input without validating it. Valid credentials are required (hence PR:L), but the Synacktiv advisory title indicates that any domain account suffices, and an arbitrary file write on the server is a well-understood stepping stone to remote code execution or service compromise. The authentication-coercion component matters in its own right: a service induced to open an attacker-chosen network location exposes its account's credential material to the attacker, which is a separate route to compromise even where the file write itself turns out to be constrained.

Technical Context

The vulnerability exists in BizTalk360's file upload handling, which does not adequately validate the user-supplied path component of an upload. This is a classic path traversal (directory traversal): traversal sequences such as ..\ or an outright absolute path cause the computed destination to escape the intended upload directory, so an authenticated user chooses where on the underlying system the file is written. On Windows, a destination that resolves to a UNC location (\\host\share) additionally makes the service authenticate to that host before writing, which is the usual way a file-write primitive turns into an authentication coercion; this is the general mechanism behind the "coerce an authentication" wording, not a detail the record itself spells out. BizTalk360 is a Microsoft BizTalk Server management and monitoring platform; versions prior to 11.5 are affected.

Affected Products

BizTalk360 versions prior to 11.5 are affected. The record does not state the earliest affected version, so the range should be read as all releases up to and including 11.4. The fix shipped in BizTalk360 11.5; that release and later are not affected. No CPE data is attached to this record, which limits automated version matching; the Synacktiv advisory and the vendor's release notes should be consulted for exact version details.

Remediation

The primary remediation is to upgrade BizTalk360 to version 11.5 or later, which addresses the directory traversal. Organizations running 11.4 and earlier should prioritize this upgrade. Where patching must wait: limit the upload functionality to trusted administrators; add strict server-side validation of the uploaded file name (reject path separators, traversal sequences, absolute, UNC and drive-relative paths, then canonicalise the result and confirm it still lies inside the upload root); run the BizTalk360 service under a least-privilege account so an escaped write cannot land in privileged locations; restrict outbound SMB and WebDAV from the host to untrusted networks, the usual mitigation for the authentication-coercion component; and review recent upload activity for writes outside the expected directory. The Synacktiv advisory at https://www.synacktiv.com/en/advisories/remote-code-execution-from-any-domain-account-in-biztalk360 gives the technical details and confirms the fix.
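The flawed join described under Technical Context next to the strict file-name validation recommended above, as an added example. This is not BizTalk360 code and does not reproduce the product's upload handler; the upload root, the constructed attacker-style names and the exact rejection rules are assumptions. It uses Python's ntpath so that Windows path semantics, including UNC and drive-relative names, are evaluated correctly on any host:

```python
import ntpath
from typing import Optional

# Assumption: an illustrative upload root, not the real BizTalk360 location.
UPLOAD_ROOT = r"C:\BizTalk360\Uploads"

# Windows device names; a write to "CON" or "nul.txt" hits the device, not a file.
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {f"COM{i}" for i in range(1, 10)} | {f"LPT{i}" for i in range(1, 10)}


def vulnerable_destination(filename: str) -> str:
    """The flawed pattern: the user-supplied name is joined straight onto the root.

    ntpath.join discards the root when the second argument carries its own
    drive or UNC prefix, and normpath then collapses any '..' components, so
    the caller's 'destination directory' is never actually enforced.
    """
    return ntpath.normpath(ntpath.join(UPLOAD_ROOT, filename))


def check_upload_name(filename: str) -> Optional[str]:
    """Return a rejection reason, or None when the name is a plain file name.

    An upload names a file, never a path, so anything that could steer the
    write elsewhere is refused outright rather than 'cleaned up'.
    """
    if not filename or filename in (".", ".."):
        return "empty or dot name"
    if ntpath.isabs(filename) or ntpath.splitdrive(filename)[0]:
        return "absolute, UNC or drive-relative path"
    if any(sep in filename for sep in ("\\", "/", ":")):
        # ':' also rules out NTFS alternate data streams (name.txt:stream).
        return "path separator or stream/drive delimiter"
    if any(ord(c) < 32 for c in filename):
        return "control character"
    if filename != filename.rstrip(". "):
        return "trailing dot or space (silently stripped by Windows)"
    if filename.split(".")[0].upper() in RESERVED:
        return "reserved device name"
    return None


def safe_destination(filename: str) -> str:
    """Hardened pattern: validate the name, then re-check the canonical result."""
    reason = check_upload_name(filename)
    if reason:
        raise ValueError(f"rejected {filename!r}: {reason}")
    root = ntpath.normpath(UPLOAD_ROOT)
    dest = ntpath.normpath(ntpath.join(root, filename))
    # Defence in depth: after canonicalisation the file must sit directly
    # under the root. commonpath raises on a drive mismatch, which is itself
    # a rejection.
    try:
        inside = ntpath.commonpath([root, dest]) == root
    except ValueError:
        inside = False
    if not inside or ntpath.dirname(dest) != root:
        raise ValueError(f"rejected {filename!r}: escapes upload root")
    return dest


def is_accepted(filename: str) -> bool:
    """Convenience wrapper so callers can test a name without catching."""
    try:
        safe_destination(filename)
        return True
    except ValueError:
        return False


# Constructed attacker-style names (assumptions, not payloads from the advisory).
SAMPLE_NAMES = [
    "report.xml",                    # the only legitimate upload name
    r"..\..\Windows\Temp\evil.txt",  # traversal out of the root
    r"\\attacker\share\evil.txt",    # UNC path: write plus authentication to 'attacker'
    r"C:\Windows\Temp\evil.txt",     # absolute path replaces the root entirely
    "D:evil.txt",                    # drive-relative path, also replaces the root
    "evil.txt:hidden",               # alternate data stream
    "evil.txt.",                     # trailing dot stripped by Windows
    "CON",                           # device name
]

if __name__ == "__main__":
    for name in SAMPLE_NAMES:
        print(f"{name!r:34} flawed -> {vulnerable_destination(name)}")
        print(f"{'':34} strict -> {check_upload_name(name) or 'accepted'}")
```

The flawed join shows why "sanitising" by stripping "../" is insufficient: the UNC, absolute and drive-relative cases never contain a traversal sequence and still leave the upload root, and the UNC case is the one that produces the outbound authentication. The strict checker allow-lists a single plain file name instead of trying to enumerate bad patterns, and the canonical-path check after the join catches anything the name rules miss.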

Priority Score

42 (scale: Low / Medium / High / Critical)
Components: KEV 0, EPSS +0.9, CVSS +42, POC 0


EUVD-2025-209206 vulnerability details – vuln.today