QwikSec

Security Database

CVE

CWE

Training

CVE-2025-34127

Published: Jul 16, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input leading to remote code execution.

Vendor	Product	Versions
Achat Software	Achat Chat Server	affected `0.150`

Weaknesses (CWE)

References

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/misc/achat_bof.rb

exploit

https://www.vulncheck.com/advisories/achat-seh-buffer-overflow

third-party-advisory

https://www.exploit-db.com/exploits/36056

exploit

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.