CVE-2025-48501

Summary

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this vulnerability is exploited, an arbitrary OS commands may be executed on the server where the product is running.

Affected Software

VendorProductVersion RangeStatus
NimesaNimesa Backup and Recoveryv2.3affected
NimesaNimesa Backup and Recoveryv2.4affected

Weaknesses

  • CWE-78: Improper neutralization of special elements used in an OS command ('OS Command Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References