CRITICAL🇵🇱 Wersja polska

CVE-2017-9544

CVSS 9.8v3.1pub. 2017-06-12upd. 2026-05-13

There is a remote stack-based buffer overflow (SEH) in register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1. By sending an overly long username string to registresult.htm for registering the user, an attacker may be able to execute arbitrary code.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Echatserver Easy Chat Server

    APP
    Echatserver
    2.0 – 3.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2018-25221CRITICAL9.3PL ✓ten sam produkt

EChat Server 3.1 – buffer overflow w endpoint chat.ghp umożliwiający RCE

CVE-2019-25613HIGH8.7ten sam produkt

Easy Chat Server 3.1 contains a denial of service vulnerability that allows remote attackers to crash the appl...

CVE-2022-44939HIGH7.8ten sam produkt

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the comp...

CVE-2019-20502HIGH7.5ten sam produkt

An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer overflow via a long body2.ghp message p...

CVE-2017-9543HIGH7.5ten sam produkt

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to reset arbitrary p...