CVE 9.4 CRITICAL

Securden Unified PAM Path Traversal In File Upload_CVE-2025-53120

August 25, 2025 invoker category_cve
9.4 / 10
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Description

A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.

Basic Information

ID CVE-2025-53120
Source rapid7
Published Aug 25, 2025 at 16:11
Modified Aug 25, 2025 at 18:00

Affected Product

Vendor Securden
Product Unified PAM
Version 9.0.*
Affected Versions Securden Unified PAM 9.0.*

CWE Classification

CWE-22

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.