Andrey Smirnov

**Name of the Vulnerable Software and Affected Versions** Extremail version 1.5.9 **Description** The issue allows remote attackers to gain privileges due to incorrect password checking when passwords are all digits or begin with a digit. **Recommendations** For Extremail version 1.5.9, update to a version that correctly checks passwords to prevent remote attackers from gaining privileges. At the moment, there is no information about a newer version that contains a fix for this vulnerability.