← volver
CVE-2025-55306

GenX_FX authentication bypass in JWT validation

CVSS 9.8 CRITICALEPSS 0.5%CWE-522
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.8EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
19 ago 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Mouy-leng · GenX_FX

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/Mouy-leng/GenX_FX/security/advisories/GHSA-2xjq-pvwj-mvm6