CVE-2025-53859

MEDIUM EPSS 28.9%
Published Aug 13, 202510mo ago · Modified Jun 17, 20261w ago
6.3 CVSS 4.0
Medium
Find Similar
Published Aug 13, 2025 10mo ago
Last Modified Jun 17, 2026 1w ago

Description

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none," and (3) the authentication server returns the "Auth-Wait" response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVSS Details

Base Score
6.3
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
28.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 11

VendorProductVersionRange
f5nginx_plusr30any
f5nginx_plusr31any
f5nginx_plusr32any
f5nginx_plusr32any
f5nginx_plusr32any
f5nginx_plusr33any
f5nginx_plusr33any
f5nginx_plusr33any
f5nginx_plusr34any
f5nginx_plusr34any
f5nginx_open_source*≥0.7.22  –  <1.29.1

References 2

  • openwall.com http://www.openwall.com/lists/oss-security/2025/08/13/5
  • my.f5.com https://my.f5.com/manage/s/article/K000152786
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.