Description
EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can send a GET request to chat.ghp with a malicious username value containing shellcode and ROP gadgets to achieve code execution in the application context.
Published: 2026-03-28
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

EChat Server 3.1 contains a classic buffer overflow flaw in the chat.ghp endpoint when the username parameter is oversized. Attackers can exploit this by sending a crafted GET request that injects shellcode and ROP chains, allowing arbitrary code to run inside the application process. The weakness is a classic out-of-bounds write, identified as CWE‑787, and, if successfully exploited, can compromise confidentiality, integrity, and availability of the affected system.

Affected Systems

The vulnerability affects the EChat Server product from Echatserver, specifically version 3.1. No other product versions are mentioned in the advisory, so the impact is limited to this exact build.

Risk and Exploitability

The CVSS score is 9.3, classifying the flaw as critical. The EPSS score is below 1 %, indicating a low probability of current exploitation, and it is not listed in the CISA KEV catalog. The likely attack vector is remote HTTP access to the chat.ghp endpoint, meaning an attacker only needs network connectivity and knowledge of the URL to mount a successful exploit.

Generated by OpenCVE AI on April 2, 2026 at 21:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any available patch or upgrade EChat Server to a version that removes the buffer overflow
  • Restrict access to the chat.ghp endpoint by implementing firewall rules or ACLs to limit exposure to trusted networks
  • Monitor HTTP logs for abnormal GET requests to the chat.ghp path and investigate any suspicious activity
  • If no patch is available, temporarily disable or block the chat.ghp endpoint until a fix can be applied

Generated by OpenCVE AI on April 2, 2026 at 21:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Echatserver easy Chat Server
CPEs cpe:2.3:a:echatserver:easy_chat_server:*:*:*:*:*:*:*:*
Vendors & Products Echatserver easy Chat Server

Mon, 30 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 30 Mar 2026 07:15:00 +0000

Type Values Removed Values Added
First Time appeared Echatserver
Echatserver echat Server
Vendors & Products Echatserver
Echatserver echat Server

Sat, 28 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
Description EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can send a GET request to chat.ghp with a malicious username value containing shellcode and ROP gadgets to achieve code execution in the application context.
Title EChat Server 3.1 Buffer Overflow via chat.ghp username Parameter
Weaknesses CWE-787
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Echatserver Easy Chat Server Echat Server
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-30T15:52:11.654Z

Reserved: 2026-03-28T11:47:06.776Z

Link: CVE-2018-25221

cve-icon Vulnrichment

Updated: 2026-03-30T15:52:07.128Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-28T12:16:02.793

Modified: 2026-04-02T19:15:19.013

Link: CVE-2018-25221

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T09:38:31Z

Weaknesses