Deepofix
Monthly
The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to bypass authentication via an empty password, which triggers an LDAP anonymous bind. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.7%.
The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to bypass authentication via an empty password, which triggers an LDAP anonymous bind. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.7%.