{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-32991", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-25T15:55:46.019Z", "dateReserved": "2025-04-15T00:00:00.000Z", "datePublished": "2026-03-25T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-25T14:43:51.840Z"}, "descriptions": [{"lang": "en", "value": "In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.n2ws.com"}, {"url": "https://n2ws.com/blog/security-advisory-update"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-362", "lang": "en", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-25T15:55:43.770959Z", "id": "CVE-2025-32991", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T15:55:46.019Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-32991", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-25T15:55:43.770959Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-362", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T15:55:38.670Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.n2ws.com"}, {"url": "https://n2ws.com/blog/security-advisory-update"}], "descriptions": [{"lang": "en", "value": "In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-25T14:43:51.840Z"}}}, "cveMetadata": {"cveId": "CVE-2025-32991", "state": "PUBLISHED", "dateUpdated": "2026-03-25T15:55:46.019Z", "dateReserved": "2025-04-15T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-25T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:n2w:backup\\&_recovery:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8784D3B-0394-4801-BA75-84E0FB8F2EF3", "versionEndExcluding": "4.3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution."}], "id": "CVE-2025-32991", "lastModified": "2026-03-26T20:36:42.620", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T15:16:28.507", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://n2ws.com/blog/security-advisory-update"}, {"source": "[email protected]", "tags": ["Product"], "url": "https://www.n2ws.com"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.4.0)"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "product": "backup_and_recovery", "vendor": "n2ws"}], "analysis": {"en": {"generated_at": "2026-03-26T21:32:47.774535+00:00", "value": {"mitigation_remediation": ["Apply the official update to N2WS Backup & Recovery version 4.4.0 or later.", "If an immediate patch is not possible, isolate the backup server from untrusted networks and restrict API access to trusted hosts only.", "Continuously monitor the API for abnormal usage patterns or unexpected file system changes."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to N2WS Backup & Recovery versions prior to 4.4.0. All installations running the API exposed before this release are at risk, regardless of other configuration settings.", "description_and_impact": "A two\u2011step attack against the RESTful API of N2WS Backup & Recovery can lead to arbitrary code execution. The weakness is a race condition that allows an attacker to manipulate the execution sequence of concurrent requests, enabling them to run malicious code with the privileges of the backup service. This could compromise the entire server, allowing full control over files, configuration, and potentially all data handled by the application.", "risk_and_exploitability": "The CVSS score of 9 indicates a high severity level. The EPSS score of less than 1% shows that documented exploits are unlikely to be widely available. The vulnerability is not listed in the CISA KEV catalog, but the exploit path relies on exposure of the REST API over a network. Attackers who can reach the API endpoint can perform the dual\u2011step maneuver to trigger the race condition, leading to code execution without additional privileges."}}}}, "created": "2026-03-25T20:57:06.158661+00:00", "updated": "2026-03-27T09:20:32.519715+00:00", "vendors": ["n2ws", "n2ws$PRODUCT$backup_and_recovery"]}