CVE-2025-29557 – ExaGrid EX10 Remote Authentication Bypass

CVE ID : CVE-2025-29557

Published : July 31, 2025, 3:15 p.m. | 18 minutes ago

Description : ExaGrid EX10 6.3 – 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level privileges can issue an HTTP request to retrieve SMTP credentials, including plaintext passwords.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…