exploitDog

CVE-2025-53120

Опубликовано: 25 авг. 2025

Источник: nvd

CVSS3: 9.4

EPSS Низкий

Описание

A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.

Ссылки

https://www.rapid7.com/blog/post/securden-unified-pam-multiple-critical-vulnerabilities-fixed/

EPSS

Процентиль: 74%

0.00839

Низкий

9.4 Critical

CVSS3

Дефекты

CWE-22

Связанные уязвимости

CVE-2025-53120

redhat

4 месяца назад

A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.

GHSA-cmv4-9rjr-99h2

CVSS3: 9.4

github

4 месяца назад

A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.

EPSS

Процентиль: 74%

0.00839

Низкий

9.4 Critical

CVSS3

Дефекты

CWE-22