CNNVD-202507-3916 Information

CNNVD ID

CNNVD-202507-3916

Related CVE

CVE-2025-29557

• CNNVD Published: 2025-07-31

Description (Chinese)

ExaGrid EX10是美国ExaGrid公司的一款备份存储服务器。 ExaGrid EX10 6.3至7.0.1.P08版本存在安全漏洞，该漏洞源于MailConfiguration API端点访问控制不当，可能导致获取SMTP凭据。

Description (English)

ExaGrid EX10 is a back-up storage server for ExaGrid in the United States. ExaGrid EX10 6.3 to 7.0.1.P08 contains a security loophole that stems from inadequate access controls at the MailConfiguration API endpoint, which may lead to the acquisition of SMTP evidence.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

ExaGrid

Published

2025-07-31

Last Modified

2026-02-24

References

https://github.com/0xsu3ks/CVE-2025-29557 https://www.exagrid.com/ https://access.redhat.com/security/cve/cve-2025-29557

Patch

https://www.exagrid.com/media/press-releases/exagrid-releases-version-7-3-0/