#VU114082 Out-of-bounds read in nginx and NGINX Plus - CVE-2025-53859

 


Published: August 14, 2025


Vulnerability identifier: #VU114082
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-53859
CWE-ID: CWE-125
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: nginx, NGINX Plus
Software vendor: F5 Networks

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a boundary condition in the ngx_mail_smtp_module. A remote attacker can force the server to leak arbitrary bytes sent in a request to the authentication server.

This issue occurs during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none", and (3) the authentication server returns the "Auth-Wait" response header.
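The three conditions above can be checked on a given deployment. The following is an added example, not part of the advisory or of nginx: it assumes the output of `nginx -V` and `nginx -T` and one response from the authentication server have been captured as text, and all sample inputs are constructed. As a simplification, a mail module built with `--with-mail=dynamic` is counted as present without checking that it is loaded.

```python
import re

# Constructed sample inputs (not taken from any real host).
NGINX_V = "configure arguments: --prefix=/etc/nginx --with-mail --with-mail_ssl_module"
NGINX_T = """
mail {
    auth_http 127.0.0.1:9000/auth;
    server { listen 25;  protocol smtp; smtp_auth none; }
    server { listen 587; protocol smtp; smtp_auth login plain; }
    # server { listen 2525; protocol smtp; smtp_auth none; }
}
"""
AUTH_RESPONSE = "HTTP/1.0 200 OK\r\nAuth-Status: Invalid login or password\r\nAuth-Wait: 3\r\n\r\n"

def built_with_smtp(nginx_v):
    """Condition 1: mail support compiled in and the SMTP module not excluded."""
    has_mail = re.search(r"--with-mail(?:=dynamic)?(?![\w-])", nginx_v) is not None
    return has_mail and "--without-mail_smtp_module" not in nginx_v

def smtp_auth_none(config):
    """Condition 2: every smtp_auth directive whose method list contains 'none'."""
    text = re.sub(r"#[^\n]*", "", config)  # drop comments (ignores quoted '#')
    found = [m.group(1).split() for m in re.finditer(r"\bsmtp_auth\s+([^;]+);", text)]
    return [methods for methods in found if "none" in methods]

def returns_auth_wait(response):
    """Condition 3: the auth server's response carries an Auth-Wait header."""
    head = response.split("\r\n\r\n", 1)[0].splitlines()[1:]  # skip status line
    return any(h.split(":", 1)[0].strip().lower() == "auth-wait" for h in head)

def triage(nginx_v, config, response):
    """Evaluate all three conditions; the instance is affected only if all hold."""
    checks = {
        "built_with_smtp_module": built_with_smtp(nginx_v),
        "smtp_auth_none": bool(smtp_auth_none(config)),
        "auth_server_sends_auth_wait": returns_auth_wait(response),
    }
    checks["all_conditions_met"] = all(checks.values())
    return checks

if __name__ == "__main__":
    for name, value in triage(NGINX_V, NGINX_T, AUTH_RESPONSE).items():
        print(f"{name}: {value}")
```

If any of the three checks is false, the configuration falls outside the conditions listed in the advisory.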


Remediation

Install updates from the vendor's website.
