CVE-2018-25221

EChat · EChat Server

EChat Server 3.1 contains a remote buffer overflow in the chat.ghp endpoint via the username parameter, allowing unauthenticated arbitrary code execution.

Executive summary

EChat Server 3.1 is susceptible to a critical remote code execution vulnerability where unauthenticated attackers can overflow a buffer via the chat.ghp endpoint.

Vulnerability

The vulnerability exists in the chat.ghp endpoint. A remote, unauthenticated attacker can send a GET request with an oversized username parameter containing shellcode and ROP gadgets, triggering a buffer overflow and achieving code execution in the application context.

Business impact

This is a high-impact vulnerability that allows for remote takeover of the server without any user interaction or valid credentials. It could lead to the exposure of private chat logs, user data, or use of the server as a pivot point for internal network attacks. The CVSS score of 9.8 is justified by the ease of remote exploitation.

Remediation

Immediate Action: Update EChat Server to the latest version. If no patch is available, disable the chat.ghp endpoint or take the server offline.

Proactive Monitoring: Inspect web server logs for GET requests to chat.ghp that contain excessively long strings or non-alphanumeric characters in the username field.

Compensating Controls: Deploy a Web Application Firewall (WAF) with rules designed to detect and block buffer overflow attempts and ROP chain patterns in URI parameters.
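The log inspection suggested under Proactive Monitoring, as an added example that is not part of the original advisory: it parses Common Log Format access-log lines, picks out GET requests to chat.ghp, percent-decodes the username parameter and flags values that are over a length threshold or contain non-alphanumeric characters. The 64-character threshold, the alphanumeric-only rule and the sample log lines are assumptions constructed for this example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Thresholds are assumptions for this example, not values from the advisory.
MAX_USERNAME_LEN = 64
ALLOWED = re.compile(r"^[A-Za-z0-9]*$")

# Common Log Format: client ident user [timestamp] "METHOD TARGET PROTO" status bytes
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def inspect_line(line):
    """Return a finding dict for a suspicious chat.ghp request, else None."""
    m = LOG_RE.match(line)
    if not m or m.group("method") != "GET":
        return None
    url = urlsplit(m.group("target"))
    if not url.path.lower().endswith("/chat.ghp"):
        return None
    # parse_qs percent-decodes, so encoded bytes are inspected as raw characters
    params = parse_qs(url.query, keep_blank_values=True)
    reasons = []
    for username in params.get("username", []):
        if len(username) > MAX_USERNAME_LEN:
            reasons.append(f"username length {len(username)} > {MAX_USERNAME_LEN}")
        if not ALLOWED.match(username):
            reasons.append("username contains non-alphanumeric characters")
    if not reasons:
        return None
    return {"client": m.group("client"), "ts": m.group("ts"), "reasons": reasons}

def scan_log(text):
    """Run inspect_line over every line of a log and return all findings."""
    return [f for f in (inspect_line(l) for l in text.splitlines()) if f]

# Constructed sample log lines for demonstration; not captured from a real server.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2024:09:01:11 +0000] "GET /chat.ghp?username=alice&room=lobby HTTP/1.1" 200 734
10.0.0.5 - - [12/Mar/2024:09:01:15 +0000] "GET /index.html HTTP/1.1" 200 1280
198.51.100.23 - - [12/Mar/2024:09:02:02 +0000] "GET /chat.ghp?username={} HTTP/1.1" 500 0
198.51.100.23 - - [12/Mar/2024:09:02:09 +0000] "GET /chat.ghp?username=bob%00%ff%fe HTTP/1.1" 200 734
""".format("A" * 300 + "%41%42%43%44")

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding["ts"], finding["client"], "; ".join(finding["reasons"]))
```

In production the rule should be tuned to the site's real username policy, and a hit should be correlated with the response status and follow-on requests from the same client.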

Exploitation status

Public Exploit Available: false

Analyst recommendation

The EChat Server vulnerability represents a severe risk to any organization hosting this service. Immediate patching is mandatory. If the vendor has not provided an update, migrating to a secure, modern chat platform is strongly advised.