CVE-2023-53893
Ateme TITAN File 3.9 Authenticated Server-Side Request Forgery Vulnerability
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the application to make HTTP, DNS, or file requests to arbitrary destinations.
| CWE | CWE-918 |
| Vendor | ateme |
| Product | titan |
| Published | Dec 15, 2025 |
| Last Updated | Apr 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for ateme titan
Be the first to know when new unknown vulnerabilities affecting ateme titan are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Ateme / TITAN
3.9.12.4
References
exploit-db.com: https://www.exploit-db.com/exploits/51582 zeroscience.mk: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5781.php ateme.com: https://www.ateme.com/product-titan-software/ vulncheck.com: https://www.vulncheck.com/advisories/ateme-titan-file-authenticated-server-side-request-forgery-vulnerability
Credits
LiquidWorm as Gjoko Krstic of Zero Science Lab