Security Advisory
CVE-2025-35053
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Newforma Info Exchange (NIX) accepts requests to /UserWeb/Common/MarkupServices.ashx specifying the DownloadExportedPDF command that allow an authenticated user to read and delete arbitrary files with NT AUTHORITYNetworkService privileges. In Newforma before 2023.1, anonymous access is enabled by default (CVE-2025-35062), allowing an otherwise unauthenticated attacker to effectively authenticate as anonymous and exploit this file upload vulnerability.