Password Reset Vulnerability in OPEXUS FOIAXpress
CVE-2025-62586

8.9HIGH

Key Information:

Vendor: Opexus
Status: Foiaxpress
Vendor: CVE Published:; 16 October 2025

What is CVE-2025-62586?

The OPEXUS FOIAXpress product is vulnerable to a remote password reset exploit that allows unauthenticated attackers to potentially gain unauthorized access by resetting the administrator password. This security flaw necessitates prompt mitigation measures, as it can lead to significant breaches in systems relying on FOIAXpress for sensitive operations. Users are advised to upgrade to version 11.13.2.0, which addresses this vulnerability.

Affected Version(s)

FOIAXpress 11.1.0 < 11.13.2.0

FOIAXpress 11.13.2.0

References

https://docs.opexustech.com/docs/foiaxpress/11.13.0/FOIAX...

https://raw.githubusercontent.com/cisagov/CSAF/develop/cs...

https://www.cve.org/CVERecord?id=CVE-2025-62586

CVSS V4

Score:

8.9

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2025
Vulnerability Reserved
Oct 16, 2025

Credit

Matthew Zamat, CISA

JSON

Opexus

What is CVE-2025-62586?

Affected Version(s)

References

CVSS V4

Timeline

Credit