Hmailserver Exploit Github ((free)) [OFFICIAL]

CVE-2025-52372 affects hMailServer v.5.8.6 and allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExtension.iss and hMailServer.ini components. This vulnerability has a CVSS v3.1 score of .

Several GitHub repositories provide PoC code for this vulnerability, each with slightly different approaches: hmailserver exploit github

This critical vulnerability allowed an authenticated administrator to execute arbitrary commands on the HmailServer host via the COM API's Utilities.Execute method. Although authentication is required, attackers often combine it with credential theft or session hijacking. CVE-2025-52372 affects hMailServer v