All news with #dotnet framework tag

Hidden .NET proxy behavior can enable RCE in many apps

⚠️ Researchers found that .NET HTTP client proxy classes will accept file:// and other non-HTTP schemes, invoking the filesystem handler and enabling attacker-controlled writes to arbitrary files. This unexpected behavior enabled proof-of-concept remote code execution via web shells and malicious PowerShell scripts in multiple products, including Barracuda, Ivanti, Umbraco, Microsoft PowerShell, and SQL Server Integration Services. Microsoft says it will not change the Framework behavior and places responsibility on application developers to avoid passing untrusted URLs and to validate WSDL imports.