CVE-2025-53120

Name of the Vulnerable Software and Affected Versions: Unified PAM server (affected versions not specified)

Description: A path traversal vulnerability exists in the unauthenticated upload functionality. This allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, potentially leading to remote code execution.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.