CVE-2018-25221

CriticalPublic PoC

Published: 28 March 2026

Published

28 March 2026

Modified

02 April 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0011 28.8th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username parameter. Attackers can send a GET request to chat.ghp with a malicious username value containing…

shellcode and ROP gadgets to achieve code execution in the application context.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Requires validation of the oversized username parameter in the chat.ghp GET request to prevent buffer overflow exploitation.

SI-16 Memory Protection good match

prevent

Implements memory safeguards like DEP and ASLR to block execution of shellcode and ROP gadgets from the buffer overflow.

SI-2 Flaw Remediation good match

prevent

Directs identification, reporting, and patching of the specific buffer overflow flaw in EChat Server's chat.ghp endpoint.

Security SummaryAI

CVE-2018-25221 is a buffer overflow vulnerability (CWE-787) in EChat Server 3.1, specifically affecting the chat.ghp endpoint. The issue arises from processing an oversized username parameter, which can trigger a buffer overflow. Published on 2026-03-28, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to its potential for high-impact remote exploitation.

Remote, unauthenticated attackers can exploit this vulnerability by sending a GET request to the chat.ghp endpoint with a malicious username parameter containing shellcode and ROP gadgets. Successful exploitation leads to arbitrary code execution in the context of the affected application.

Advisories and related resources include a Vulncheck advisory detailing the buffer overflow via the chat.ghp username parameter and a public exploit published on Exploit-DB at https://www.exploit-db.com/exploits/44155. No specific patch or mitigation details are outlined in the provided information.

Details

CWE(s): CWE-787

Affected Products

echatserver

easy chat server

≤ 3.1

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE-2018-25221 is a buffer overflow in a public-facing chat server endpoint (chat.ghp) allowing unauthenticated remote code execution via crafted GET request, directly mapping to Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://www.exploit-db.com/exploits/44155
Exploit · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/echat-server-buffer-overflow-via-chat-ghp-username-parameter
Third Party Advisory · disclosure@vulncheck.com