Out-of-bounds Read

CVE-2025-53859

Medium

6.3/10

Summary

NGINX Open Source versions from 0.7.22 through 1.29.0 and NGINX Plus versions from R30 through R34 have a vulnerability in the "ngx_mail_smtp_module" that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if it is built with the "ngx_mail_smtp_module", and the "smtp_auth" directive is configured with method "none," and the authentication server returns the "Auth-Wait" response header.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-125 - Out-of-Bounds Read

Out-of-bounds read is a vulnerability that allows access to memory beyond the authorized accessible location. Such a vulnerability compromises the confidentiality of the trusted environment in the application and enables an attacker to launch further attacks by leveraging the exposed information.

References

Advisory Timeline

Published Aug 13, 2025

Out-of-bounds Read

CVE-2025-53859

Summary

CWE-125 - Out-of-Bounds Read

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS