.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL
Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.
More info