Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Easy Chat Server Stack-based buffer overflow vulnerability
Vulnerability Description
Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
Chat Server 缓冲区错误漏洞
Vulnerability Description
Chat Server是ramank775个人开发者的基于微服务架构的聊天服务器,支持高可用、高吞吐、横向扩展。 Easy Chat Server 3.1版本存在缓冲区错误漏洞,该漏洞源于存在缓冲区溢出漏洞。攻击者可利用该漏洞通过GET请求向register.ghp文件发送字符串执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A