EIP-2026-117353

PRE-CVE

Ipswitch IMail Server 7/8 - Weak Password Encryption

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117353. PoCs published by Adik.

AI-analyzed exploit summary This exploit demonstrates a weak encryption vulnerability in Ipswitch IMail Server <= 8.1, where user passwords are obfuscated using a polyalphabetic Vigenère cipher with the username as the key. The provided code decrypts these passwords by subtracting the hex values of the username from the password hash.

Description

Ipswitch IMail Server 7/8 - Weak Password Encryption

Exploits (1)

exploitdb WORKING POC VERIFIED

by Adik · clocalwindows

https://www.exploit-db.com/exploits/24374

View Code ZIP pw:eip

This exploit demonstrates a weak encryption vulnerability in Ipswitch IMail Server <= 8.1, where user passwords are obfuscated using a polyalphabetic Vigenère cipher with the username as the key. The provided code decrypts these passwords by subtracting the hex values of the username from the password hash.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Ipswitch IMail Server <= 8.1

No auth needed

Prerequisites: Local access to the registry where the encrypted passwords are stored · Knowledge of the username associated with the password

MITRE ATT&CK

T1552.001 - Credentials In Files

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026