lutrasecurity

2 exploits Active since Sep 2022

CVE-2022-36532 NOMISEC HIGH WORKING POC

Bolt CMS <5.1.12 - Authenticated RCE

Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated user with the ROLE_EDITOR privileges to upload and rename a malicious file to achieve remote code execution.

3 stars

CVSS 8.8

View Code

CVE-2025-1910 NOMISEC MEDIUM WORKING POC

WatchGuard Mobile VPN <12.11.2 - Privilege Escalation

The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and including 12.11.2.

View Code