PT-2025-51311 · Ateme · Ateme Titan File
Published
2025-12-15
·
Updated
2025-12-21
·
CVE-2023-53893
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Ateme TITAN File version 3.9.12.4
Description
The software contains an authenticated server-side request forgery issue in the job callback URL parameter. This allows attackers to bypass network restrictions. Exploitation involves an unvalidated parameter that enables file, service, and network enumeration by forcing the application to make HTTP, DNS, or file requests to arbitrary destinations. The vulnerable parameter is the
job callback URL.Recommendations
Apply a fix for Ateme TITAN File version 3.9.12.4 to address the server-side request forgery issue.
Exploit
Fix
SSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ateme Titan File