CVE-2025-68722

HIGH

Axigen Mail Server <10.5.57, 10.6.x <10.6.26 - CSRF

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-68722. PoCs published by osmancanvural.

AI-analyzed exploit summary: This repository provides a functional proof-of-concept for CVE-2025-68722, a CSRF vulnerability in Axigen WebAdmin. The exploit leverages a Base64-encoded payload in the `_s` parameter to execute administrative actions post-authentication.

Description

Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery (CSRF) vulnerability in the WebAdmin interface through improper handling of the `_s` (breadcrumb) parameter. The application accepts state-changing requests via the GET method and automatically processes base64-encoded commands queued in the `_s` parameter immediately after administrator authentication. Attackers can craft malicious URLs that, when clicked by administrators, execute arbitrary administrative actions upon login without further user interaction, including creating rogue administrator accounts or modifying critical server configurations.

Exploits (1)

nomisec WORKING POC
by osmancanvural · poc
https://github.com/osmancanvural/CVE-2025-68722

Classification: Working PoC (95%)
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Axigen WebAdmin < 10.6.26
Auth required
Prerequisites: Target administrator must click the crafted URL and complete login
Analyzed by devstral-2 on Feb 18, 2026

Scores

CVSS v3: 8.8
EPSS: 0.0024
EPSS Percentile: 15.3%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-352
Status: published
Products (1): axigen/axigen_mail_server 10.3.0 - 10.5.57
Published: Feb 05, 2026
Tracked Since: Feb 18, 2026