CVE-2025-53691
published 2025-09-03CVE-2025-53691: Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).This…
PriorityP264high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.44%
69.9th percentile
Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore Experience Platform (XP) allows Remote Code Execution (RCE).This issue affects Experience Manager (XM): from 9.0 through 9.3, from 10.0 through 10.4; Experience Platform (XP): from 9.0 through 9.3, from 10.0 through 10.4.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sitecore | experience_commerce | 9.0 – 10.4 | — |
| sitecore | experience_manager | 10.0 – 10.4 | — |
| sitecore | experience_manager | 9.0 – 10.4 | — |
| sitecore | experience_platform | — | — |
| sitecore | experience_platform | 10.0 – 10.4 | — |
| sitecore | experience_platform | >= 9.0 < 10.4 | 10.4 |
| sitecore | experience_platform | 9.0 – 9.3 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS QNAP QTS/QuTS Decrypt File (CVE-2024-53691)
suricata·2025-01-29·CVSS 8.7
CVE-2024-53691 [HIGH] ET WEB_SPECIFIC_APPS QNAP QTS/QuTS Decrypt File (CVE-2024-53691)
ET WEB_SPECIFIC_APPS QNAP QTS/QuTS Decrypt File (CVE-2024-53691)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS QNAP QTS/QuTS Decrypt File (CVE-2024-53691)"; flow:established,to_server; flowbits:isset,ET.QNAP.CVE-2024-53691.Overwrite; http.method; content:"GET"; http.uri; content:"/cgi-bin/filemanager/utilRequest.cgi?"; fast_pattern; content:"func|3d|cipher"; content:"subfunc|3d|decrypt"; http.request_body; content:"mode|3d|0"; content:"keep|3d|1"; reference:url,github.com/C411e/CVE-2024-53691; reference:cve,2024-53691; classtype:web-application-attack; sid:2059747; rev:1; metadata:affected_product QNAP, attack_target Server, tls_state TLSDecrypt, created_at 2025_01_29, cve CVE_2024_53691, deployment Perimeter, deployment Internal, deployment SSLDecrypt, co
Suricata
ET WEB_SPECIFIC_APPS QNAP QTS/QuTS Unpack File (CVE-2024-53691)
suricata·2025-01-29·CVSS 8.7
CVE-2024-53691 [HIGH] ET WEB_SPECIFIC_APPS QNAP QTS/QuTS Unpack File (CVE-2024-53691)
ET WEB_SPECIFIC_APPS QNAP QTS/QuTS Unpack File (CVE-2024-53691)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS QNAP QTS/QuTS Unpack File (CVE-2024-53691)"; flow:established,to_server; flowbits:isset,ET.QNAP.CVE-2024-53691.Upload; flowbits:set,ET.QNAP.CVE-2024-53691.Overwrite; http.method; content:"GET"; http.uri; content:"/cgi-bin/filemanager/utilRequest.cgi?"; fast_pattern; content:"func|3d|extract"; reference:url,github.com/C411e/CVE-2024-53691; reference:cve,2024-53691; classtype:web-application-attack; sid:2059743; rev:1; metadata:affected_product QNAP, attack_target Server, tls_state TLSDecrypt, created_at 2025_01_29, cve CVE_2024_53691, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag Exp
Suricata
ET WEB_SPECIFIC_APPS QNAP QTS/QuTS File Upload (CVE-2024-53691)
suricata·2025-01-29·CVSS 8.7
CVE-2024-53691 [HIGH] ET WEB_SPECIFIC_APPS QNAP QTS/QuTS File Upload (CVE-2024-53691)
ET WEB_SPECIFIC_APPS QNAP QTS/QuTS File Upload (CVE-2024-53691)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS QNAP QTS/QuTS File Upload (CVE-2024-53691)"; flow:established,to_server; flowbits:isset,ET.ZIP.Symlink.Inbound; flowbits:set,ET.QNAP.CVE-2024-53691.Upload; http.method; content:"POST"; http.uri; content:"/cgi-bin/filemanager/utilRequest.cgi?"; fast_pattern; content:"func|3d|chunked_upload"; reference:url,github.com/C411e/CVE-2024-53691; reference:cve,2024-53691; classtype:web-application-attack; sid:2059742; rev:1; metadata:affected_product QNAP, attack_target Server, tls_state TLSDecrypt, created_at 2025_01_29, cve CVE_2024_53691, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag Explo
No public exploits indexed.
No writeups or analysis indexed.
2025-09-03
Published