CVE-2025-53473

HIGH

Nimesa Backup and Recovery < 3.0.2025062305 - Server-Side Request Forgery

Title source: llm

Description

Server-side request forgery (SSRF) vulnerability exists n multiple versions of Nimesa Backup and Recovery, If this vulnerability is exploited, unintended requests may be sent to internal servers.

References (2)

Core 2

Core References

Third Party Advisory

https://jvn.jp/en/jp/JVN88251376/

Various Sources

https://aws.amazon.com/marketplace/seller-profile?id=08fb48d1-5d60-4feb-93c6-c0c219278a2c

Scores

CVSS v3 7.3

EPSS 0.0027

EPSS Percentile 17.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-918

Status published

Products (3)

Nimesa/Nimesa Backup and Recovery prior to v3.0.2025062305

Nimesa/Nimesa Backup and Recovery v2.3

Nimesa/Nimesa Backup and Recovery v2.4

Published Jul 07, 2025

Tracked Since Feb 18, 2026