EIP-2026-118950

PRE-CVE

NetcPlus SmartServer3 3.5.1 - POP Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118950. PoCs published by Ussr Labs.

AI-analyzed exploit summary The exploit describes a buffer overflow vulnerability in the NetcPlus SmartServer3 email server's POP service. The USER command with an argument exceeding 800 characters triggers the overflow, allowing arbitrary code execution at the server's privilege level.

Description

NetcPlus SmartServer3 3.5.1 - POP Buffer Overflow

Exploits (1)

exploitdb WRITEUP VERIFIED

by Ussr Labs · textremotewindows

https://www.exploit-db.com/exploits/19617

View Code ZIP pw:eip

The exploit describes a buffer overflow vulnerability in the NetcPlus SmartServer3 email server's POP service. The USER command with an argument exceeding 800 characters triggers the overflow, allowing arbitrary code execution at the server's privilege level.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: NetcPlus SmartServer3

No auth needed

Prerequisites: Network access to the POP service

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026