CVE-2025-34127 Information
Jul 17, 2025
cve
Description
A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256 an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input leading to remote code execution.
Reference
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/windows/misc/achat_bof.rb https://www.exploit-db.com/exploits/36056 https://www.vulncheck.com/advisories/achat-seh-buffer-overflow
Related CNNVD
CNNVD-202507-2281 (Published: 2025-07-16)
Share on: