{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-32991", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-25T15:55:46.019Z", "dateReserved": "2025-04-15T00:00:00.000Z", "datePublished": "2026-03-25T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-25T14:43:51.840Z"}, "descriptions": [{"lang": "en", "value": "In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.n2ws.com"}, {"url": "https://n2ws.com/blog/security-advisory-update"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-362", "lang": "en", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-25T15:55:43.770959Z", "id": "CVE-2025-32991", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T15:55:46.019Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-32991", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-25T15:55:43.770959Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-362", "description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T15:55:38.670Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.n2ws.com"}, {"url": "https://n2ws.com/blog/security-advisory-update"}], "descriptions": [{"lang": "en", "value": "In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-25T14:43:51.840Z"}}}, "cveMetadata": {"cveId": "CVE-2025-32991", "state": "PUBLISHED", "dateUpdated": "2026-03-25T15:55:46.019Z", "dateReserved": "2025-04-15T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-25T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:n2w:backup\\&_recovery:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8784D3B-0394-4801-BA75-84E0FB8F2EF3", "versionEndExcluding": "4.3.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution."}], "id": "CVE-2025-32991", "lastModified": "2026-03-26T20:36:42.620", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T15:16:28.507", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://n2ws.com/blog/security-advisory-update"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.n2ws.com"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.4.0)"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "product": "backup_and_recovery", "vendor": "n2ws"}], "analysis": {"en": {"generated_at": "2026-03-25T19:39:06.881712+00:00", "value": {"mitigation_remediation": ["Apply the latest patch to upgrade N2WS Backup & Recovery to version 4.4.0 or higher.", "Verify that the vulnerable race condition is no longer exploitable by testing the RESTful API for the described request pattern.", "Check the vendor\u2019s security advisory for any additional monitoring or mitigation steps."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "N2WS Backup & Recovery, versions prior to 4.4.0", "description_and_impact": "An attacker can exploit a race condition present in the RESTful API of N2WS Backup & Recovery versions earlier than 4.4.0. By manipulating the timing or ordering of two separate API requests, the attacker can trigger remote code execution on the host, gaining full control of the affected system.", "risk_and_exploitability": "The vulnerability is rated highly, with a CVSS score of 9, indicating a critical severity level. EPSS data is not available and the flaw is not listed in the CISA KEV catalog. The likely attack vector is remote access through the exposed RESTful API, inferred from the description of a two\u2011step API attack that results in code execution."}}}}, "created": "2026-03-25T20:57:06.158661+00:00", "title": "Remote Code Execution via Dual\u2011Step REST API Attack in N2WS Backup & Recovery", "updated": "2026-03-26T11:51:40.975358+00:00", "vendors": ["n2ws", "n2ws$PRODUCT$backup_and_recovery"]}