CRITICAL🇬🇧 English

CVE-2017-9544

CVSS 9.8v3.1pub. 2017-06-12upd. 2026-05-13

There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Echatserver Easy Chat Server

    APP
    Echatserver
    2.0 – 3.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2018-25221CRITICAL9.3PL ✓ten sam produkt

EChat Server 3.1 – buffer overflow w endpoint chat.ghp umożliwiający RCE

CVE-2019-25613HIGH8.7ten sam produkt

Easy Chat Server 3.1 contains a denial of service vulnerability that allows remote attackers to crash the appl...

CVE-2022-44939HIGH7.8ten sam produkt

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the comp...

CVE-2019-20502HIGH7.5ten sam produkt

An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer overflow via a long body2.ghp message p...

CVE-2017-9543HIGH7.5ten sam produkt

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary p...