orange0Mint

3 exploits Active since Jun 2025
CVE-2025-5777 NOMISEC HIGH WORKING POC
Citrix NetScaler ADC/Gateway 12.1-12.1-55.328, 13.1-13.1-37.235, 13.1-13.1-58.32 - Out-of-bounds Read
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
2 stars
CVSS 7.5
CVE-2025-57819 NOMISEC CRITICAL WORKING POC
FreePBX 15.0-15.0.65 - Unauthenticated Authentication Bypass and Remote Code Execution
FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
CVSS 9.8
CVE-2025-10035 NOMISEC CRITICAL SCANNER
Fortra GoAnywhere MFT < 7.6.3 - Deserialization of Untrusted Data via License Servlet
A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.
CVSS 10.0