Home / Vulnerability Intelligence / CVE-2025-59711

CVE-2025-59711 - Vulnerability Analysis

HighCVSS: 8.3

Last Updated: April 3, 2026

Biztalk360 - Directory Traversal

Published: April 3, 2026Updated: April 3, 2026Remote Exploitable

Overview

Biztalk360 < 11.5 contains a directory traversal vulnerability caused by mishandling of user-provided input in an upload mechanism, letting authenticated attackers write files outside the destination directory and coerce authentication.

Severity & Score

Severity: High

CVSS Score: 8.3

Impact

Authenticated attackers can write files outside intended directories and potentially bypass authentication, risking system compromise.

Mitigation

Upgrade to version 11.5 or later.

References

https://www.synacktiv.com/en/advisories/remote-code-execution-from-any-domain-account-in-biztalk360

Related Resources

Details

CVE ID: CVE-2025-59711
Severity: High
CVSS Score: 8.3
Type: path_traversal
Status: unconfirmed

CWE

CWE-22

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L