Strix
26.1K

CVE-2025-53859

MEDIUMCVSS 6.3/10EPSS 0.37%

Last modified

CVE-2025-53859 is a medium-severity vulnerability rated 6.3/10 on the CVSS scale. NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. EPSS estimates a 0.37% chance of exploitation in the next 30 days.

Description

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none," and (3) the authentication server returns the "Auth-Wait" response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Metrics

CVSS 3.1
3.7/10

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS 4.0
6.3/10

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability
0.37%

28.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
F5Nginx Plusr30
F5Nginx Plusr31
F5Nginx Plusr32
F5Nginx Plusr33
F5Nginx Plusr34
F5Nginx Open Source>= 0.7.22, < 1.29.1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2025-53859?
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none," and (3) the authentication server returns the "Auth-Wait" response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
How severe is CVE-2025-53859?
CVE-2025-53859 has a CVSS score of 6.3/10 (MEDIUM severity). The EPSS model estimates a 0.37% probability of exploitation in the next 30 days.
How do I fix CVE-2025-53859?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-53859?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST