Security researchers have unveiled a critical series of vulnerabilities in the .NET Framework’s HTTP client proxy architecture, dubbed “SOAPwn,” that enables remote code execution across multiple enterprise-grade platforms.
Presented at Black Hat Europe 2025 by Piotr Bazydlo, the research reveals a fundamental design flaw in the framework’s handling of SOAP client proxies and WSDL imports.
The vulnerability stems from an invalid cast in the HttpWebClientProtocol class, which fails to correctly validate URLs passed to SOAP proxy methods.
https://gbhackers.com/new-soapwn-net-fl ... da-ivanti/