CVE-2025-34127

UNKNOWN 0.0

Achat v0.150 SEH Buffer Overflow via UDP

CVSS Score

0.0

EPSS Score

56.3%

EPSS Percentile

98th

A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input leading to remote code execution.

CWE	CWE-121 CWE-94
Vendor	achat software
Product	achat chat server
Published	Jul 16, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for achat software achat chat server

Be the first to know when new unknown vulnerabilities affecting achat software achat chat server are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Achat Software / Achat Chat Server

0.150

References

NVD ↗ CVE.org ↗ EPSS Data ↗

raw.githubusercontent.com: https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/misc/achat_bof.rb vulncheck.com: https://www.vulncheck.com/advisories/achat-seh-buffer-overflow exploit-db.com: https://www.exploit-db.com/exploits/36056

Credits

Peter Kasza