ГлавнаяУязвимости → CVE-2025-53120
9.4критическая

CVE-2025-53120

Описание

A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.

CVSS
Балл9.4 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Источники
https://www.rapid7.com/blog/post/securden-unified-pam-multiple-critical-vulnerabilities-fixed/