PT-2026-33096 · Opentext · Rightfax

Harrison Neal

Published

2026-04-15

Updated

2026-04-16

CVE-2025-15610

CVSS v4.0

9.3

Critical

Vector

AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions RightFax versions prior to 25.4

Description An issue involving the deserialization of untrusted data allows for Object Injection. This flaw can lead to remote code execution without requiring authentication.

Recommendations Update to version 25.4 or later.

Fix

RCE

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2025-15610

Affected Products

Rightfax

PT-2026-33096 · Opentext · Rightfax

CVE-2025-15610

Weakness Enumeration

Related Identifiers

Affected Products

References · 4