CVE Catalog

CVE-2026-36227

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Elevated risk
0.87%

54th percentile - higher than 54% of all known CVEs

Summary

A Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to read sensitive information and execute arbitrary code via the UserName parameter.

Risk Assessment

An attacker can access confidential server files and take control of the server, leading to data leakage and potential full system compromise.

Recommendation

Immediately update Easy Chat Server to the latest version or apply a security patch, and restrict server access to trusted users only.

Original NVD description (English source)

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter

Vulnerability data from NVD (NIST) · CISA KEV · EPSS