EIP-2026-114825

PRE-CVE

AA SMTP Server 1.1 - Crash (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114825. PoCs published by SONIC.

AI-analyzed exploit summary This PoC exploits a buffer overflow vulnerability in AA SMTP Server v1.1 by sending an excessively long string (9999999 'A' characters) via a crafted CSV file import, leading to a crash. The exploit is written in Python and targets the SMTP server's account import functionality.

Description

AA SMTP Server 1.1 - Crash (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by SONIC · textdoswindows

https://www.exploit-db.com/exploits/14990

View Code ZIP pw:eip

This PoC exploits a buffer overflow vulnerability in AA SMTP Server v1.1 by sending an excessively long string (9999999 'A' characters) via a crafted CSV file import, leading to a crash. The exploit is written in Python and targets the SMTP server's account import functionality.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: AA SMTP Server v1.1

No auth needed

Prerequisites: Access to import account list functionality in AA SMTP Server

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026