High severity7.5NVD Advisory· Published Jun 12, 2017· Updated May 13, 2026

CVE-2017-9557

Description

register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to discover passwords by sending the username parameter in conjunction with an empty password parameter, and reading the HTML source code of the response.

Affected products

Echatserver/Easy Chat Server
cpe:2.3:a:echatserver:easy_chat_server:*:*:*:*:*:*:*:*
Range: >=2.0,<=3.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/42153/nvdExploitThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000