CVE-2025-34127

CRITICAL

Achat v0.150 - Buffer Overflow

Title source: llm

Description

A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input leading to remote code execution.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/36056

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/achat_bof.rb

View Code ZIP pw:eip

References (3)

[Various Sources] https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/misc/achat_bof.rb

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/36056

[Third Party Advisory] https://www.vulncheck.com/advisories/achat-seh-buffer-overflow

Scores

CVSS v4 9.3

EPSS 0.5626

EPSS Percentile 98.1%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Details

CWE

CWE-121 CWE-94

Status published

Products (1)

Achat Software/Achat Chat Server 0.150

Published Jul 16, 2025

Tracked Since Feb 18, 2026