EIP-2026-103537

PRE-CVE

Lotus Domino 4.6.1/4.6.4 Notes - SMTPA MTA Mail Relay

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103537. PoCs published by Robert Lister.

AI-analyzed exploit summary This exploit demonstrates an SMTP mail relay vulnerability in Lotus Notes SMTP MTA. By connecting to the SMTP server and issuing specific commands, an unauthorized user can relay email through the server, potentially enabling spam or other unsolicited email distribution.

Description

Lotus Domino 4.6.1/4.6.4 Notes - SMTPA MTA Mail Relay

Exploits (1)

exploitdb WORKING POC VERIFIED

by Robert Lister · bashdosmultiple

https://www.exploit-db.com/exploits/19368

View Code ZIP pw:eip

This exploit demonstrates an SMTP mail relay vulnerability in Lotus Notes SMTP MTA. By connecting to the SMTP server and issuing specific commands, an unauthorized user can relay email through the server, potentially enabling spam or other unsolicited email distribution.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Lotus Notes SMTP MTA

No auth needed

Prerequisites: Network access to the SMTP server (TCP port 25) · SMTP server running Lotus Notes MTA

MITRE ATT&CK

T1095 - Non-Application Layer Protocol

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026