CVE-2026-36227

MEDIUM

Easy Chat Server 3.1 - Directory Traversal and Remote Code Execution via UserName Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-36227. PoCs published by NullByte8080.

AI-analyzed exploit summary This repository contains a functional Python PoC for CVE-2026-36227, demonstrating a path traversal vulnerability in Easy Chat Server 3.1's user registration flow. The exploit sends a crafted HTTP POST request with traversal sequences in the UserName parameter to create a proof file outside the intended directory.

Description

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter

Exploits (1)

github WORKING POC

by NullByte8080 · pythonpoc

https://github.com/NullByte8080/CVE-2026-36227

View Code ZIP pw:eip

This repository contains a functional Python PoC for CVE-2026-36227, demonstrating a path traversal vulnerability in Easy Chat Server 3.1's user registration flow. The exploit sends a crafted HTTP POST request with traversal sequences in the UserName parameter to create a proof file outside the intended directory.

Classification

Working Poc 95%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Easy Chat Server 3.1

No auth needed

Prerequisites: Network access to the target server · Easy Chat Server 3.1 running on the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed May 22, 2026 Full analysis →

References (2)

Core 2

Core References

http://easy.com

https://github.com/NullByte8080/CVE-2026-36227

Scores

CVSS v3 6.5

EPSS 0.0024

EPSS Percentile 48.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Published May 22, 2026

Tracked Since May 22, 2026