CVE-2023-53893 MEDIUM

CVE-2023-53893: Ateme TITAN File 3.9 Authenticated Server-Side Request Forgery Vulnerability

Vendor Ateme
Product TITAN
Weakness CWE-918 · SSRF
Published December 15, 2025
Last update April 7, 2026

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the application to make HTTP, DNS, or file requests to arbitrary destinations.

Key dates

02Disclosure timeline

December 15, 2025 CVE published
April 7, 2026 Record updated