CVE-2017-15223

MEDIUM

ArGoSoft Mini Mail Server < 1.0.0.2 - Denial of Service via Infinite Loop

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-15223. PoCs published by Berk Cem Göksel.

AI-analyzed exploit summary This exploit targets a denial-of-service vulnerability in ArGoSoft Mini Mail Server by sending malformed SMTP commands with increasingly large strings to consume memory resources. It uses multiple threads to amplify the attack.

Description

Denial-of-service vulnerability in ArGoSoft Mini Mail Server 1.0.0.2 and earlier allows remote attackers to waste CPU resources (memory consumption) via unspecified vectors, possibly triggering an infinite loop.

Exploits (1)

exploitdb WORKING POC

by Berk Cem Göksel · pythondoswindows

https://www.exploit-db.com/exploits/43026

View Code ZIP pw:eip

This exploit targets a denial-of-service vulnerability in ArGoSoft Mini Mail Server by sending malformed SMTP commands with increasingly large strings to consume memory resources. It uses multiple threads to amplify the attack.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: ArGoSoft Mini Mail Server 1.0.0.2 and earlier

No auth needed

Prerequisites: Network access to the SMTP port (25) of the target server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/43026/

Scores

CVSS v3 5.3

EPSS 0.0453

EPSS Percentile 90.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Details

CWE

CWE-835

Status published

Products (1)

argosoft/mini_mail_server < 1.0.0.2

Published Oct 24, 2017

Tracked Since Feb 18, 2026