QwikSec

Security Database

CVE

CWE

Training

CVE-2023-53893

Published: Dec 15, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery vulnerability in the job callback URL parameter that allows attackers to bypass network restrictions. Attackers can exploit the unvalidated parameter to initiate file, service, and network enumeration by forcing the application to make HTTP, DNS, or file requests to arbitrary destinations.

Vendor	Product	Versions
Ateme	TITAN	affected `3.9.12.4`

Weaknesses (CWE)

References

ExploitDB-51582

exploit

Zero Science Lab Disclosure (ZSL-2023-5781)

third-party-advisory

Ateme Titan Product Webpage

product

VulnCheck Advisory: Ateme TITAN File 3.9 Authenticated Server-Side Request Forgery Vulnerability

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.