CVE-2025-68722

HIGH

Axigen Mail Server <10.5.57, 10.6.x <10.6.26 - CSRF

Title source: llm

Description

Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery (CSRF) vulnerability in the WebAdmin interface through improper handling of the _s (breadcrumb) parameter. The application accepts state-changing requests via the GET method and automatically processes base64-encoded commands queued in the _s parameter immediately after administrator authentication. Attackers can craft malicious URLs that, when clicked by administrators, execute arbitrary administrative actions upon login without further user interaction, including creating rogue administrator accounts or modifying critical server configurations.

Exploits (1)

nomisec WORKING POC
by osmancanvural · poc
https://github.com/osmancanvural/CVE-2025-68722

References (3)

Scores

CVSS v3 8.8
EPSS 0.0002
EPSS Percentile 5.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-352
Status published

Affected Products (1)

axigen/axigen_mail_server < 10.5.57

Timeline

Published Feb 05, 2026
Tracked Since Feb 18, 2026