CVE-2005-0522

Chat Anywhere 2.72a - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-0522. PoCs published by Kozan.

AI-analyzed exploit summary This exploit reads the 'Demo1.ini' configuration file of Chat Anywhere 2.72a to extract plaintext credentials (port, name, and password) stored locally. It leverages predictable file paths and registry queries to locate the file.

Description

Chat Anywhere 2.72a stores sensitive information such as passwords in plaintext in the .INI file for a chatroom, which allows local users to gain privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Kozan · clocalwindows

https://www.exploit-db.com/exploits/837

View Code ZIP pw:eip

This exploit reads the 'Demo1.ini' configuration file of Chat Anywhere 2.72a to extract plaintext credentials (port, name, and password) stored locally. It leverages predictable file paths and registry queries to locate the file.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Chat Anywhere 2.72a

No auth needed

Prerequisites: Local access to the system · Chat Anywhere 2.72a installed

MITRE ATT&CK

T1552.001 - Credentials In Files

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1013270

Scores

EPSS 0.0056

EPSS Percentile 42.2%

Details

Status published

Products (1)

lionmax_software/chat_anywhere 2.72a

Published May 02, 2005

Tracked Since Feb 18, 2026